Add memory forensics section

README.md

@@ -11,6 +11,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
         - [Malware Corpora](#malware-corpora)
     - [Detection and Classification](#detection-and-classification)
     - [Online Scanners and Sandboxes](#online-scanners-and-sandboxes)
+    - [Memory Forensics](#memory-forensics)
     - [Miscellaneous](#miscellaneous)
 - [Resources](#resources)
     - [Books](#books)
@@ -60,6 +61,17 @@ A curated list of awesome malware analysis tools and resources. Inspired by
 * [VirusTotal](https://www.virustotal.com/) - Free online analysis of malware
   samples and URLs
 
+## Memory Forensics
+
+* [FindAES](https://jessekornblum.livejournal.com/269749.html) - Find AES
+  encryption keys in memory.
+* [Rekall](http://www.rekall-forensic.com/) - Memory analysis framework,
+  forked from Volatility in 2013.
+* [TotalRecall](https://github.com/sketchymoose/TotalRecall) - Script based
+  on Volatility for automating various malware analysis tasks.
+* [Volatility](https://github.com/volatilityfoundation/volatility) - Advanced
+  memory forensics framework.
+
 ## Miscellaneous
 
 * [REMnux](https://remnux.org/) - Linux distribution and docker images for