504ensicsLabs / LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
☆1,741 Updated 2 months ago
Alternatives and similar repositories for LiME:
Users that are interested in LiME are comparing it to the libraries listed below
- Rekall Memory Forensic Framework ☆1,929 Updated 4 years ago
- An advanced memory forensics framework ☆7,414 Updated last year
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,824 Updated 3 weeks ago
- Volatility 3.0 development ☆2,759 Updated last week
- Binary analysis and management framework ☆1,543 Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,334 Updated last week
- Super timeline all the things ☆1,745 Updated 2 months ago
- Repository of yara rules ☆4,213 Updated 8 months ago
- Platform for emulation and dynamic analysis of Linux-based firmware ☆1,841 Updated 4 months ago
- AVML - Acquire Volatile Memory for Linux ☆883 Updated last week
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,657 Updated 10 months ago
- Please no pull requests for this repository. Thanks! ☆2,049 Updated 2 weeks ago
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,130 Updated last year
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s… ☆2,647 Updated this week
- Cuckoo Sandbox is an automated dynamic malware analysis system ☆5,567 Updated 2 years ago
- Script for searching the extracted firmware file system for goodies! ☆1,072 Updated last year
- This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format… ☆3,976 Updated 2 months ago
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64) ☆1,863 Updated last year
- The Python interface for YARA ☆664 Updated 3 weeks ago
- pefile is a Python module to read and work with PE (Portable Executable) files ☆1,890 Updated 3 months ago
- Reverse engineering framework in Python ☆3,509 Updated 3 months ago
- Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, A… ☆1,888 Updated last month
- Python low-interaction honeyclient ☆998 Updated this week
- Malcom - Malware Communications Analyzer ☆1,158 Updated 7 years ago
- Platform for Architecture-Neutral Dynamic Analysis ☆2,506 Updated this week
- Scalpel is an open source data carving tool. It is not being actively maintained. ☆628 Updated 8 months ago
- YARA signature and IOC database for my scanners and tools ☆2,507 Updated this week
- This is the development tree. Production downloads are at: ☆1,128 Updated this week
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env… ☆6,687 Updated this week
- Indicators of Compromises (IOC) of our various investigations ☆1,698 Updated 2 weeks ago