MemGator – Memory Analysis Tool

MemGator is a memory file analysis tool that automates the extraction of data from a memory file and compiles a report for the investigator. The frameowrk brings together a number of tools such as the Volatility Framework, Scalpel File Carver and AESKeyFinder into one program.

MemGator – Memory Analysis Tool

This tool automates running of nearly all the commands from Volatility Framework 2.3.1 For certain Volatility commands the user has the option to add additional command line parameters. The program will automatically select the correct OS profile to use for all of the Volatility commands.

That’s beside automating running Scalpel while still allowing the user to add search strings of their choice. Scalpel automatically carve usernames and passwords for Gmail, Hotmail, Yahoo, Facebook, Livedrive and autofill form Chrome web browser. The program can also extract TrueCrypt encryption keys from the memory file.

You can read more and download this tool over here: http://www.orionforensics.com/w_en_page/MemGator.php

Share