504ensicsLabs / LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
☆1,694 · Updated 3 months ago
Related projects:
- Rekall Memory Forensic Framework ☆1,916 · Updated 3 years ago
- An advanced memory forensics framework ☆7,185 · Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,168 · Updated this week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,763 · Updated 3 months ago
- Repository of yara rules ☆4,120 · Updated 5 months ago
- Binary analysis and management framework ☆1,537 · Updated last year
- Platform for emulation and dynamic analysis of Linux-based firmware ☆1,805 · Updated 2 months ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s… ☆2,572 · Updated this week
- ☆3,407 · Updated 6 months ago
- Volatility 3.0 development ☆2,538 · Updated this week
- pefile is a Python module to read and work with PE (Portable Executable) files ☆1,855 · Updated 3 weeks ago
- Patch PE, ELF, Mach-O binaries with shellcode; new version in development, available only to sponsors ☆3,295 · Updated 10 months ago
- Cuckoo Sandbox is an automated dynamic malware analysis system ☆5,529 · Updated 2 years ago
- Please no pull requests for this repository. Thanks! ☆1,957 · Updated last week
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,650 · Updated 7 months ago
- This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format… ☆3,856 · Updated last year
- Super timeline all the things ☆1,700 · Updated this week
- Script for searching the extracted firmware file system for goodies! ☆1,041 · Updated last year
- The pattern matching swiss knife ☆8,138 · Updated last week
- YARA signature and IOC database for my scanners and tools ☆2,445 · Updated this week
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv… ☆4,469 · Updated 4 years ago
- Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, A… ☆1,839 · Updated last month
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb-bin-sploits ☆1,766 · Updated last year
- Loki - Simple IOC and YARA Scanner ☆3,349 · Updated 6 months ago
- The FLARE team's open-source tool to identify capabilities in executable files. ☆4,094 · Updated this week
- LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64) ☆1,789 · Updated last year
- The Python interface for YARA ☆648 · Updated 3 months ago
- Toolkit to emulate firmware and analyse it for security vulnerabilities ☆1,310 · Updated this week
- LKM Linux rootkit ☆2,575 · Updated 3 years ago
- yarGen is a generator for YARA rules ☆1,533 · Updated 3 months ago