GitHub

[bug] memprocfs automatically exits during the process with the "-forensic 1" parameter.

DEVICE: Successfully opened file: 'RAM_Capture_David_Laptop\RAM_Capture_David_Laptop.raw' as RAW Memory Dump. [PROCESS] BAD DTB: PID=9992 DTB=000000038e750000 [INFODB] INIT: SUCCESS: ...
IEEE

The Hidden Threat: Detecting API Hooking in Memory Forensics Using Open-Source Tools

Abstract: API hooking is a prevalent technique utilized by malicious actors to compromise the integrity and security of computer systems. Through the interception and manipulation of system function ...
GitHub

FAQ_Timing

FAQ about timing and timeouts: This FAQ about timing and timeouts will try to answer the most common questions about timing and timeouts. MemProcFS, by default, performs various refreshes internally ...