ROMAD Analyzer

Advanced memory forensic tool

Admin's threat intelligence
swiss knife

Digital forensics at your service

ROMAD Analyzer

ROMAD Analyzer is designed to catch Windows user-mode rootkits. It works on Windows 7, 8, 10. We have put many efforts to make it as low false positives prone as possible. If ROMAD Analyzer tells you have a hidden or injected module on your OS, you may be pretty sure about it

Product features

Module properties

Module properties

For each module in the system we know its state: normal, hidden (not present in PEB) or injected. This is a very common technique for the "man-in-the-browser" attacks

Deep hooks analysis

Deep hooks analysis

We detect IAT/EAT/inline hooks and unroll them up to their endpoints. We will not bother you with the trivial nop/int3 padding or something like .extjmp/gs-cookie false positives

Realtime analysis


ROMAD Analyzer is designed to be fast. ROMAD Analyzer runs at the background for OS monitoring in real time with the negligible performance overhead

Try it out for free!

Request your free copy of ROMAD Analyzer and start looking for anomalies right now.

Be sure to specify the valid email as we are going to send the updates to it.