Releases: ufrisk/MemProcFS
Releases Β· ufrisk/MemProcFS
Version 5.16
- Bug fixes.
- Support for Windows 11 25H2.
For previous release builds see the release archive.
Version 5.15
- Bug fixes.
- Linux LeechAgent support using gRPC (LeechCore v2.21).
- New FindEvil detection: High Entropy.
- DNS cache parsing. Thanks @MattCore71 for the contribution.
For previous release builds see the release archive.
Vesion 5.14
- Bug fixes.
- Linux clang compilation support.
- macOS support.
For previous release builds see the release archive.
v5.13
- Bug fixes.
- New console module added.
- File recovery improvements (file sizes, signing info) for files module.
- Memory callback API functionality (C/C++ API only).
- Callstack parsing for x64 user-mode process callstacks. Thank You @MattCore71 for this very nice contribution!
For previous release builds see the release archive.
Version 5.12
- Bug fixes.
- updates (FindEvil, New signatures, etc.).
- New APIs for Kernel Objects, Drivers and Devices.
For previous release builds see the release archive.
Version 5.11
- Bug fixes.
- New Vmmsharp C# API.
For previous release builds see the release archive.
Version 5.10
- Support for Windows 11 24H2 release.
- Bug fixes.
- Added named _SECTION objects to VAD map.
-memmap autoimprovements.- Hibernation file support.
- FindEvil: UM APC detection. Thanks @thejanit0r for the contribution.
- Sysinfo module for easy-to-read system information.
- Eventlog module for convenient access to event log files.
- Binary search API now allows for up to 16M search terms (up from previous 16).
- Prefetch parsing.
For previous release builds see the release archive.
Version 5.9
- Bug fixes.
- Module improvements: ntfs, procinfo, web.
- C# API: improvements.
- Java API: support for java.lang.foreign (JDK21+) for efficient memory accesses.
- Linux PCIe FPGA performance improvements.
- FindEvil: Triggered Yara rules are now shown.
- FindEvil: AV detections from Windows Defender residing on the analyzed system.
- Python API: new functionality (multi-read, type-read) and improved scatter read performance.
- Support for Proxmox memory dump files.
For previous release builds see the release archive.
Release Archive v5
Release Archive of past MemProcFS versions and updates for MemProcFS v5.9 and later.