MemTracer - Memory Scaner

MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack traces hidden in memory. The MemTracer is implemented in Python language, aiming to detect reflectively loaded native .NET framework Dynamic-Link...

CryKeX - Linux Memory Cryptographic Keys Extractor

CryKeX - Linux Memory Cryptographic Keys Extractor Properties: Cross-platform Minimalism Simplicity Interactivity Compatibility/Portability Application Independable Process Wrapping Process Injection Dependencies: Unix - should work on any Unix-based OS BASH - the whole script root privileges...

Linux Memory Cryptographic Keys Extractor: CryKeX

Some work has been already published regarding the subject of cryptograhic keys security within DRAM. Basically, we need to find something that looks like a key entropic and specific length and then confirm its nature by analyzing the memory structure around it C data types. The idea is to dump...

[Memoryze] Find Evil in Live Memory (Memory Forensic Software)

Mandiant’s Memoryze is free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis. Mandiant’s Memoryze features: image the full range of system memory no...