Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

nccgroup / Mnemosyne

Licence: agpl-3.0

A Generic Windows Memory Scraping Tool

Mnemosyne is a generic Windows-based memory scraping tool.

It scans a process memory space for a search string or regex (unicode and ascii) then if found, spits these out either to stdout, a file or a socket to a remote listener.

The utility is useful for memory scraping a process, as a post-exploitation POC, a dynamic analysis mechanism for malware, an instrumentation tool to be used during fuzzing and many other applications.

The tool works infinitely over a process (or all running processes) since memory is dynamic and subject to rapid change, hence this looping may be more beneficial for scraping specific items of interest within memory.

It uses only native Win32 API calls so no dependencies and has worked from Windows 2000 up to Windows 10 (compilation to different versions of .NET will be required for older platforms).

The main limitation is with Protected Processes - Mnemosyne will not be able to access the virtual memory of a protected process and so will skip any such process without scraping.

Run Mnemosyne.exe for full usage.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 57

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (1) 🔗