Top 7 memory-forensic Open-Source Projects

pe-sieve

1 2,884 8.7 C++

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
hollows_hunter

4 1,874 7.5 C

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
MemLabs

6 1,520 2.6 Shell

Educational, CTF-styled labs for individuals interested in Memory Forensics
mal_unpack

1 631 5.5 C

Dynamic unpacker based on PE-sieve
MemProcFS-Analyzer

2 401 6.1 PowerShell

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
varc

5 231 3.5 Python

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
Collect-MemoryDump

2 213 4.5 PowerShell

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).