504ensicsLabs / LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
☆1,805 Updated 6 months ago
Alternatives and similar repositories for LiME:
Users who are interested in LiME are comparing it to the libraries listed below:
- Rekall Memory Forensic Framework ☆1,947 Updated 4 years ago
- An advanced memory forensics framework ☆7,634 Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,503 Updated this week
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s… ☆2,781 Updated this week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,894 Updated last week
- Volatility 3.0 development ☆3,021 Updated this week
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,665 Updated last year
- yarGen is a generator for YARA rules ☆1,626 Updated last week
- AVML - Acquire Volatile Memory for Linux ☆936 Updated this week
- Binary analysis and management framework ☆1,544 Updated last year
- Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors ☆3,369 Updated last year
- Builds malware analysis Windows VMs so that you don't have to. ☆1,040 Updated 3 years ago
- Repository of yara rules ☆4,362 Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,149 Updated last year
- Super timeline all the things ☆1,825 Updated last month
- Platform for emulation and dynamic analysis of Linux-based firmware ☆1,917 Updated 9 months ago
- DRAKVUF Black-box Binary Analysis ☆1,110 Updated 3 weeks ago
- A static analyzer for PE executables. ☆1,056 Updated last year
- Script for searching the extracted firmware file system for goodies! ☆1,114 Updated last year
- Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, A… ☆1,949 Updated last month
- The Python interface for YARA ☆687 Updated last week
- Cuckoo Sandbox is an automated dynamic malware analysis system ☆5,659 Updated 2 years ago
- Malware Configuration And Payload Extraction ☆2,347 Updated this week
- This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format… ☆4,102 Updated 2 months ago
- A curated list of awesome YARA rules, tools, and people. ☆3,772 Updated 3 weeks ago
- The pattern matching swiss knife ☆8,705 Updated last week
- Loki - Simple IOC and YARA Scanner ☆3,516 Updated 4 months ago
- Volatility plugins developed and maintained by the community ☆359 Updated 4 years ago
- rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries. ☆1,913 Updated last month
- Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po… ☆3,813 Updated last year