Skip to content

serialphotog/Linux-Memory-Dumper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
lib
lib
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
dumpmemory.c
dumpmemory.c
 
 

Repository files navigation

Linux Memory Dumper

This repository contains a proof-of-concept tool for dumping the system memory of a Linux system. This works by locating the physical RAM address ranges by processing /proc/iomem and associating with regions in /proc/kcore. There is currently a single command-line tool provided here:

  1. dumpmemory - Dumps the physical RAM of the system to a file on disk:

    dumpmemory <output_file>

Disclaimer

Note that this tool is nothing more than an experimental proof-of-concept. It has not been extensively tested and I make no guarantee about its accuracy or completeness.

Building

make

About

A POC tool for dumping the memory on a running Linux system.

Topics

linux proof-of-concept forensics memory-forensics

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Languages