memory
The Volatility Collaborative GUI.
A modern, distributed web interface for collaborative memory forensics built on Volatility 3, Django, and Dask.
The Volatility Foundation is an independent 501(c) (3) non-profit organization that maintains and promotes The Volatility memory forensics framework.
shared memory for agents. Get smarter alongside your AI.
Your intelligence shouldn't reset every conversation. Ensue is a persistent knowledge tree that grows with you - what you learn today enriches tomorrow's reasoning.
Your AI's Perfect Memory Archive.
A Claude Code plugin that automatically captures everything Claude does during your coding sessions, compresses it with AI (using Claude's agent-sdk), and injects relevant context back into future sessions.
mquire, a play on the memory and inquire words, is a memory querying tool inspired by osquery.
Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external debug info.
Related contents:
jemalloc is a general purpose malloc(3) implementation that emphasizes fragmentation avoidance and scalable concurrency support. jemalloc first came into use as the FreeBSD libc allocator in 2005, and since then it has found its way into numerous applications that rely on its predictable behavior. In 2010 jemalloc development efforts broadened to include developer support features such as heap profiling and extensive monitoring/tuning hooks. Modern jemalloc releases continue to be integrated back into FreeBSD, and therefore versatility remains critical. Ongoing development efforts trend toward making jemalloc among the best allocators for a broad range of demanding applications, and eliminating/mitigating weaknesses that have practical repercussions for real world applications.
Related contents:
Linpmem is a linux memory acquisition tool. Linpmem is a Linux x64-only tool for reading physical memory.
Like its Windows counterpart, Winpmem, this is not a traditional memory dumper. Linpmem offers an API for reading from any physical address, including reserved memory and memory holes, but it can also be used for normal memory dumping. Furthermore, the driver offers a variety of access modes to read physical memory, such as byte, word, dword, qword, and buffer access mode, where buffer access mode is appropriate in most standard cases. If reading requires an aligned byte/word/dword/qword read, Linpmem will do precisely that.
PHP basic ressource profiler (CPU/memory), safe and useful for production sites.
phptop prints per query and average metrics comparable to 'time' (wallclock, user and system CPU time) along with memory and other ressource usages.
It can be easily globally activated on a LAMP server and requires little resources and a single line configuration change in your php.ini. It has been used by Bearstech on many production servers for years without any problems.
An open-source SQL-Native memory engine for AI. Open-Source Memory Engine for LLMs, AI Agents & Multi-Agent Systems.
One line of code to give any LLM persistent, queryable memory using standard SQL databases.
Memori enables any LLM to remember conversations, learn from interactions, and maintain context across sessions with a single line: memori.enable(). Memory is stored in standard SQL databases (SQLite, PostgreSQL, MySQL) that you fully own and control.
A framework for finding JavaScript memory leaks and analyzing heap snapshots. Analyzes JavaScript heap and finds memory leaks in browser and node.js.
Related contents:
đźš° PHPUnit Plugin for detecting Memory Leaks in code and tests.
This library is a PHPUnit plugin that detects memory leaks in tested code or tests. It utilizes memory_get_usage() to make sure the code being executed properly cleans up after itself.
Remember the important things in your life.
Using the spaced time repetition techniques, you can permanently store information in your brain, instead of the cloud.
Volatility 3: The volatile memory extraction framework Volatility is the world's most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research.
Memory for Proactive 24/7 Agents.
MemU powers autonomous AI agents with persistent, evolving memory. Continuously predict user intentions, act proactively, and work for you — even while you sleep.
fuite is a CLI tool for finding memory leaks in web apps.
Related contents:
The SQLite for AI memory. One file. Full RAG. Zero infrastructure.
🍯 Memory layer for on-device AI Agents. Replace complex RAG pipelines with a serverless, single-file memory layer.
Automated Forensic Analysis of Windows Memory Dumps for DFIR.
MemProcFS-Analyzer.ps1 is a PowerShell script utilized to simplify the usage of MemProcFS and to optimize your memory analysis workflow.
A memory upgrade for your coding agent.
Beads is a lightweight memory system for coding agents, using a graph-based issue tracker. Four kinds of dependencies work to chain your issues together like beads, making them easy for agents to follow for long distances, and reliably perform complex task streams in the right order.
Related contents:
Long-term Memory for AI Agents.
Local persistent memory store for LLM applications including claude desktop, github copilot, codex, antigravity, etc.
Live hunting of code injection techniques.
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection techniques. The detection process is performed through live analysis and without needing memory dumps. The tool was designed as a replacement of memory forensic volatility plugins such as malfind and hollowfind. The idea of not requiring memory dumps helps on performing the memory resident malware threat hunting at scale, without manual analysis, and without the complex infrastructure needed to move dumps to forensic environments.
memory scanner for Linux.
scanmem is a debugging utility designed to isolate the address of an arbitrary variable in an executing process. scanmem simply needs to be told the pid of the process and the value of the variable at several different times.
Related contents:
The multi-platform memory acquisition tool.
WinPmem has been the default open source memory acquisition driver for windows for a long time. It used to live in the Rekall project, but has recently been separated into its own repository.
Monitorets is a small utility application offering a simple and quick view at the usage of several of your computer resources. Almost like an applet or a widget for your Linux desktop.
Volatility Memory Forensics - Promoting Accessible Memory Analysis Tools Within the Memory Forensics Community.
Memory analysis has become one of the most important topics to the future of digital investigations, and The Volatility Framework has become the world’s most widely used memory forensics tool - relied upon by law enforcement, military, academia, and commercial investigators around the world. The Volatility Foundation helps keep Volatility going so that it may be used in perpetuity, free and open to all.