• Stars
    star
    13
  • Rank 1,512,713 (Top 30 %)
  • Language
    C++
  • License
    GNU General Publi...
  • Created over 3 years ago
  • Updated over 1 year ago

Repository Details

Tool to extract contents from the memory of Windows systems.

More Repositories

1

sigcheck

Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
Python
17
star
2

rop3

A tool to search for gadgets, operations, and ROP chains using a backtracking algorithm in a tree-like structure
Python
14
star
3

modex

Volatility 3 plugins to extract a module as complete as possible
Python
10
star
4

pinVMShield

A pintool that protects a sandbox application against common anti-virtual-machine and anti-sandbox detection techniques
C++
9
star
5

winesap

Volatility plugin to search for all Autostart Extensibility Points (AESPs)
Python
9
star
6

instant-messaging-artifact-finder

Tool to find memory artifacts present in instant messaging applications.
Python
8
star
7

processfuzzyhash

Volatility plugin to calculate and compare Windows processes fuzzy hashes
Python
8
star
8

winapi-categories

Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
Python
7
star
9

MOSTO-Modbus-simulator

MOSTO is a SCADA network device simulator based on ModbusTCP communications. Based on Python3
Python
6
star
10

APOTHEOSIS

A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor lookup of approximate matching hashes
Python
6
star
11

malscan

Volatility plugin to detect malicious code using ClamAV
Python
3
star
12

residentmem

Volatility plugin to obtain the number of resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
Python
2
star
13

similarity-unrelocated-module

Volatility plugin to yield and compare similarity digest of modules on execution.
Python
2
star
14

asistencia-aula-EINA-telegram-bot

Telegram bot to make it easier to enter in-person attendance data for classrooms at EINA
Python
1
star
15

Secure_Socket

C++ Sockets implementing hybrid encryption
C++
1
star
16

dumd-mixer

Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.
Python
1
star
17

chiton

Chiton is a Python library to exfiltrate data by encapsulating it in IoT protocol packets
Python
1
star