LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
☆1,954Mar 15, 2026Updated this week
Alternatives and similar repositories for LiME
Users that are interested in LiME are comparing it to the libraries listed below
Sorting:
- AVML - Acquire Volatile Memory for Linux☆1,064Updated this week
- An advanced memory forensics framework☆7,982May 16, 2025Updated 10 months ago
- Rekall Memory Forensic Framework☆1,999Oct 18, 2020Updated 5 years ago
- Script for automating Linux memory capture and analysis☆274Feb 1, 2020Updated 6 years ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- Volatility 3.0 development☆3,981Updated this week
- A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local hos…☆158Aug 26, 2020Updated 5 years ago
- Web App for Volatility framework☆390Jan 13, 2026Updated 2 months ago
- Super timeline all the things☆2,034Feb 10, 2026Updated last month
- GRR Rapid Response: remote live forensics for incident response☆5,046Feb 16, 2026Updated last month
- Loki - Simple IOC and YARA Scanner☆3,733Jan 12, 2026Updated 2 months ago
- The multi-platform memory acquisition tool.☆955Oct 14, 2025Updated 5 months ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,923Updated this week
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,438Updated this week
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- This is the development tree. Production downloads are at:☆1,344Jan 29, 2026Updated last month
- Volatility profiles for Linux and Mac OS X☆327Oct 30, 2022Updated 3 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,239Aug 7, 2025Updated 7 months ago
- The pattern matching swiss knife☆9,490Feb 10, 2026Updated last month
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆2,094Dec 9, 2025Updated 3 months ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s…☆3,023Mar 13, 2026Updated last week
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆197Sep 12, 2017Updated 8 years ago
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- A curated list of tools for incident response☆8,879Jul 18, 2024Updated last year
- Repository of yara rules☆4,730Apr 17, 2024Updated last year
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,298Feb 14, 2026Updated last month
- Digging Deeper....☆3,809Mar 13, 2026Updated last week
- Impacket is a collection of Python classes for working with network protocols.☆15,560Updated this week
- Main Sigma Rule Repository☆10,203Updated this week
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU☆1,682Feb 14, 2024Updated 2 years ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,824Jan 19, 2020Updated 6 years ago
- Collaborative forensic timeline analysis☆3,290Updated this week
- CTF framework and exploit development library☆13,315Mar 5, 2026Updated 2 weeks ago
- Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by …☆3,047Oct 25, 2025Updated 4 months ago
- Remote Memory Acquisition Tool☆253Sep 22, 2020Updated 5 years ago
- macOS (& ios) Artifact Parsing Tool☆1,009Mar 8, 2026Updated last week
- Configuration files for the SOF-ELK VM☆1,723Jan 21, 2026Updated last month
- Your Everyday Threat Intelligence☆1,959Updated this week
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,688Mar 13, 2026Updated last week