MemGator

MemGator

MemGator is a memory file interrogation tool that automates the extraction of data from a memory file and compiles a report for the investigator. MemGator brings together a number of memory analysis tools such as the Volatility Framework and PTFinder into the one program. Data can be extracted in relation to memory details, processes, network connections, malware detection, passwords & encryption keys and the registry.


REQUIREMENTS

You will require Python to be installed on the examination machine.
The following Python libraries need to be installed for the Volatility Plugins
-Pydasm
-Pefile
-Pycrypto





Download MemGator version 1.0 - E5h Forensic Solutions MemGator version 1.0

For the latest versions of MemGator please visit www.orionforensics.com 

 




   
E5h Forensic Solutions
email e5hinfo@e5hforensics.com