Mozilla releases open-source memory-scanning technology for servers

Today, Mozilla has released an open-source new security technology called Masche that will let you look into your server’s memory processes.

Today, Mozilla has released an open-source new security technology called Masche that will let you look into your server’s memory processes.

Masche scans memory processes, while allowing for normal unabated operations.

The tool acts as a complement to Mozilla’s existing digital forensics and threat response platform Mozilla InvestiGator or MIG.

The platform views information from thousands of hosts simultaneously, but cannot see into memory processes.

Masche’s technology makes up for this handicap. Mozilla says that while Masche provides fast memory scans, it doesn’t offer advanced forensic features, like Volatility or Rekall (two advanced forensics frameworks).

“Instead, it focuses on searching for regexes and byte strings in the processes of large pools of systems, and does so live and very fast,” Mozilla said.

The program runs on Linux, Mac OS, and Windows and you can check out the source code here.

Via VB