https://theoabel.com/tags/memory-forensics/Recent content in Memory-Forensics on zeishrHugoen-US© Théo AbelSun, 14 Apr 2024 15:23:05 +0000https://theoabel.com/projects/mmushell/Sun, 14 Apr 2024 15:23:05 +0000https://theoabel.com/projects/mmushell/<p>mmushell is a substantial fork of EURECOM&rsquo;s memory-forensics proof of concept.</p> <p>The fork added module packaging, a Nix development shell, MkDocs documentation, and cleanup around architecture/exporter boundaries. It is archived as a research and reproducibility reference.</p>https://theoabel.com/projects/libmmu/Mon, 11 Mar 2024 19:47:23 +0000https://theoabel.com/projects/libmmu/<p>libMMU is a Rust crate for rebuilding virtual address spaces from memory dumps.</p> <p>It is inspired by OS-agnostic MMU reconstruction techniques explored in <code>mmushell</code> and related memory-forensics research. The project is archived as a research implementation reference.</p>https://theoabel.com/projects/pydfirram/Thu, 20 Jul 2023 12:57:16 +0000https://theoabel.com/projects/pydfirram/<p>pyDFIRRam is a Volatility 3-based Python library for scripted and notebook-driven memory-forensics workflows.</p> <p>It focuses on making memory analysis easier to automate, compose, and reuse from Python rather than forcing every investigation through one-off command invocations.</p>