Volatility Framework - Volatile memory extraction utility framework.
Volatility is the world's most widely used framework for extracting
digit artifacts from volatile memory (RAM) samples. The extraction
techniques are performed completely independent of the system being
investigated but offer visibility into the runtime state of the system.
The framework is intended to introduce people to the techniques and
complexities associated with extracting digital artifacts from volatile
memory samples and provide a platform for further work into this
exciting area of research.
In 2019, the Volatility Foundation released a complete rewrite of the
framework, Volatility3.
The following are optional dependancies:
- capstone
- jsonschema
- s3fs-fuse
3f08b36d66