Perform Memory Forensics

Discover the Tools

Volatility Framework

Memory forensics tool and framework.

Website: https://github.com/volatilityfoundation/volatility3
Author: The Volatility Foundation
License: Volatility Software License: https://github.com/volatilityfoundation/volatility3/blob/master/LICENSE.txt
Notes: Invoke using: vol3, volshell3. Before using, download symbols by following the links from https://github.com/volatilityfoundation/volatility3#symbol-tables and place them in /opt/volatility3/lib/python3.*/site-packages/volatility3/symbols
State File: remnux.python3-packages.volatility3

AESKeyFinder

Find 128-bit and 256-bit AES keys in a memory image.

Website: https://citp.princeton.edu/our-work/memory/
Author: Nadia Heninger, Alex Halderman
License: Free, unknown license
Notes: aeskeyfind
State File: remnux.packages.aeskeyfind

RSAKeyFinder

Find BER-encoded RSA private keys in a memory image.

Website: https://citp.princeton.edu/our-work/memory/
Author: Nadia Heninger, Alex Halderman
License: Free, unknown license
Notes: rsakeyfind
State File: remnux.packages.rsakeyfind

bulk_extractor

Extract interesting strings from binary files.

Website: https://github.com/simsong/bulk_extractor/
Author: https://github.com/simsong/bulk_extractor/blob/master/AUTHORS
License: Portions Public Domain, portions MIT License: https://github.com/simsong/bulk_extractor/blob/master/LICENSE.md
State File: remnux.packages.bulk-extractor
