10 repository-uri
Security practices for handling sensitive data exclusively in memory to prevent persistent storage.
Distinguishing note: Focuses on memory-only handling of credentials rather than general memory management.
Explore 10 awesome GitHub repositories matching security & cryptography · Volatile Memory Processing. Refine with filters or upvote what's useful.
Trufflehog is a security tool designed to continuously monitor code repositories and cloud environments to detect, verify, and remediate exposed sensitive credentials and API keys. It functions as a comprehensive secret scanning engine that integrates directly into deployment pipelines and version control systems to intercept sensitive data before it is committed or pushed. By utilizing read-only operations and volatile memory processing, the system ensures that discovered credentials are never stored persistently, maintaining strict data privacy throughout the scanning lifecycle. The platfor
Keeps sensitive credentials exclusively in short-lived memory and clears them immediately after verification to prevent persistent storage.
PEASS-ng is an automated penetration testing framework designed to identify privilege escalation vectors on local systems. It functions as a security assessment utility that scans environments for misconfigurations, sensitive files, and insecure permissions to uncover paths for unauthorized privilege elevation. The project distinguishes itself through a modular script-based enumeration engine that adapts to the target environment. It utilizes environment-aware capability detection and cross-platform shell abstraction to normalize data collection across diverse operating systems, while operati
Operates primarily within volatile memory to avoid leaving permanent traces on the target system.
This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and aut
Keeps decrypted information exclusively in volatile memory during active sessions to prevent persistent storage exposure.
This project is a comprehensive zero-knowledge security suite designed for enterprise credential management, secrets orchestration, and password management. It provides a secure, end-to-end encrypted vault that allows users to store, synchronize, and manage sensitive information, including passwords, passkeys, and infrastructure secrets, across desktop, mobile, and browser environments. The platform distinguishes itself through a strict zero-knowledge architecture where all encryption and decryption occur locally on the client, ensuring that plaintext data remains inaccessible to the server.
Keeps decrypted vault contents exclusively in volatile system memory to prevent sensitive data from being written to disk.
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
Executes malicious payloads entirely within volatile memory to minimize forensic footprints on storage.
Sliver is a command and control framework designed for adversary emulation and security assessment operations. It provides a centralized platform for managing remote systems, enabling security professionals to coordinate multi-operator sessions and maintain persistent, secure communication channels across diverse network environments. The framework distinguishes itself through its focus on stealth and infrastructure flexibility. It utilizes dynamic payload obfuscation to generate unique binaries and supports in-memory execution to minimize disk artifacts. Communication is secured through mutu
Supports in-memory execution of payloads to minimize disk artifacts and evade forensic detection.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Executes scripts or shellcode exclusively in volatile memory to minimize the forensic footprint on disk.
usbkill is a physical access defense tool and system monitor that triggers immediate power-off or shutdown sequences when unauthorized USB device changes are detected. It functions as a USB device shutdown trigger and volatile memory wiper designed to prevent forensic data recovery by automating system termination upon hardware tampering. The tool includes a USB device whitelist manager that ignores trusted hardware to prevent accidental shutdowns during legitimate device usage. It provides anti-forensic data protection by executing destructive commands to erase RAM and swap space before the
Wipes RAM and swap space with random data to prevent forensic data recovery before power-off.
Molly is a privacy-focused Android messenger and a client for the Matrix open standard. It functions as a decentralized, end-to-end encrypted communication tool that allows users to interact across federated networks without a central authority. The application implements several security-centric features, including binary integrity verification to ensure the authenticity of the installed build and RAM-overwrite memory sanitization to prevent sensitive data leakage. It provides local database encryption secured by user-defined passphrases and supports routing network traffic through proxies o
Overwrites sensitive credentials and keys in RAM immediately after use to prevent forensic recovery.
Phantom-Evasion este un framework de cercetare în securitate conceput pentru generarea de payload-uri obfuscate și automatizarea sarcinilor post-exploatare în timpul evaluărilor de securitate autorizate. Acesta oferă o suită de utilitare pentru crearea de executabile și biblioteci personalizate menite să testeze eficacitatea sistemelor de detecție antivirus și endpoint security. Framework-ul se distinge printr-un accent pe operațiunile rezidente în memorie, permițând execuția de binare criptate și shellcode direct în memoria sistemului. Prin utilizarea unor tehnici precum injectarea de cod inutil (junk code), criptarea payload-ului și preluarea resurselor de la distanță, acesta minimizează amprenta forensică pe o mașină țintă și evită dependența de stocarea pe disc. Dincolo de generarea de payload-uri, instrumentul include capabilități pentru menținerea accesului pe termen lung la sistem prin configurarea cheilor de registru, a sarcinilor programate și a serviciilor de fundal. De asemenea, suportă operațiuni stealth prin injectarea de shellcode în procese legitime ale sistemului și automatizarea sarcinilor administrative, cum ar fi gestionarea driverelor de logare de securitate și a memoriei proceselor, pentru a facilita scenarii controlate de penetration testing.
Provides a framework for fetching and loading encrypted binaries directly into system memory to avoid writing files to the local disk.