MemGator

MemGator is a memory file interrogation tool that automates the extraction of data from a memory file and compiles a report for the investigator. MemGator brings together a number of memory analysis tools such as the Volatility Framework and PTFinder into the one program. Data can be extracted in relation to memory details, processes, network connections, malware detection, passwords & encryption keys and the registry.

REQUIREMENTS

You will require Python to be installed on the examination machine.
The following Python libraries need to be installed for the Volatility Plugins
-Pydasm
-Pefile
-Pycrypto

Download MemGator version 1.0 - E5h Forensic Solutions MemGator version 1.0

If you have any feedback then email me, Andy Smith, memory@e5hforensics.com