From aa19f183ce2739483f0999a6530cc4f683c2ab03 Mon Sep 17 00:00:00 2001 From: V <45754825+vxsh4d0w@users.noreply.github.com> Date: Mon, 27 Dec 2021 12:11:47 +0000 Subject: [PATCH] Added Orochi Added Orochi, a framework for memory dump analysis. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 20071f1..39311b6 100644 --- a/README.md +++ b/README.md @@ -164,6 +164,7 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an * [MalConfScan](https://github.com/JPCERTCC/MalConfScan) - MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In addition, this tool has a function to list strings to which malicious code refers. * [Memoryze](https://www.fireeye.com/services/freeware/memoryze.html) - Free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis. * [Memoryze for Mac](https://www.fireeye.com/services/freeware/memoryze.html) - Memoryze for Mac is Memoryze but then for Macs. A lower number of features, however. +* [Orochi](https://github.com/LDO-CERT/orochi) - Orochi is an open source framework for collaborative forensic memory dump analysis. * [Rekall](http://www.rekall-forensic.com/) - Open source tool (and library) for the extraction of digital artifacts from volatile memory (RAM) samples. * [Responder PRO](http://www.countertack.com/responder-pro) - Responder PRO is the industry standard physical memory and automated malware analysis solution. * [Volatility](https://github.com/volatilityfoundation/volatility) - Advanced memory forensics framework.