MemGator is a memory file interrogation tool that automates the extraction of data from a memory file and compiles a report for the investigator. MemGator brings together a number of memory analysis tools such as the Volatility Framework and PTFinder into the one program. Data can be extracted in relation to memory details, processes, network connections, malware detection, passwords & encryption keys and the registry.


You will require Python to be installed on the examination machine.
The following Python libraries need to be installed for the Volatility Plugins

Download MemGator version 1.0 - E5h Forensic Solutions MemGator version 1.0

For the latest versions of MemGator please visit 


E5h Forensic Solutions