Interesting: [Wayback/Archive] ufrisk/MemProcFS: The Memory Process File System
MemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system.
Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access memory content and artifacts via files in a mounted virtual file system or via a feature rich application library to include in your own projects!
Analyze memory dump files, live memory via DumpIt or WinPMEM, live memory in read-write mode from virtual machines or from [Wayback/Archive] PCILeech [Wayback/Archive] FPGA hardware devices!
It’s even possible to connect to a remote LeechAgent memory acquisition agent over a secured connection – allowing for remote live memory incident response – even over higher latency low band-width connections! Peek into Virtual Machines with [Wayback/Archive] LiveCloudKd or [Wayback/Archive] VMWare!
Use your favorite tools to analyze memory – use your favorite hex editors, your python and powershell scripts, WinDbg or your favorite disassemblers and debuggers – all will work trivally with MemProcFS by just reading and writing files!
On Windows, there is even the cool tool [Wayback/Archive] evild3ad/MemProcFS-Analyzer: MemProcFS-Analyzer – Automated Forensic Analysis of Windows Memory Dumps for DFIR:
The Wiert Corner - irregular stream of stuff 