MemTracer - Memory Scanner
KitPloit - PenTest Tools! www.kitploit.com
MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack traces hidden in memory. MemTracer is implemented in Python and aims to detect reflectively loaded native .NET Framework Dynamic-Link Libraries (DLLs). It does this by looking for the following abnormal memory region characteristics:
- The state of the memory page flags in each memory region, specifically the MEM_COMMIT flag, which is used to reserve memory pages for virtual memory use.
- The …