Rip Raw – Small Tool To Analyse The Memory Of Compromised Linux Systems

April 28, 2022

Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to Bulk Extractor, but particularly focused on extracting system Logs from memory dumps from Linux systems. This enables you to analyse systems without needing to generate a profile.

This is not a replacement for tools such as Rekall and

Or Splunk:

Learn More

  • We’ll be giving a webinar on Cloud Incident Response and Ransomware on Tuesday February 1st @ https://www.brighttalk.com/webcast/19071/527346

  • We give an example of Rip Raw for analysing a compromised Amazon Kubernetes system in a talk @ https://offers.cadosecurity.com/cloud-and-kubernetes-memory-forensics

  • You can download a PDF copy of our playbook on how to respond to compromised Kubernetes systems such as Amazon EKS @ https://offers.cadosecurity.com/the-ultimate-guide-to-docker-and-kubernetes-incident-response

Download Rip_Raw

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source
Tags: , , , ,

You may have missed

Sliver C2

Sliver C2 Detected – 54[.]204[.]118[.]225:31337

May 6, 2024
Sliver C2

Sliver C2 Detected – 8[.]220[.]197[.]83:31337

May 6, 2024
Sliver C2

Sliver C2 Detected – 95[.]164[.]18[.]23:31337

May 6, 2024
gophish

GoPhish Login Page Detected – 213[.]157[.]205[.]230:443

May 6, 2024
CISA Logo

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

May 6, 2024