./security/volatility, Advanced memory forensics framework

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4, Package name: volatility-2.4, Maintainer: pettai

The Volatility Framework is a completely open collection of tools,
implemented in Python under the GNU General Public License, for the
extraction of digital artifacts from volatile memory (RAM) samples.
The extraction techniques are performed completely independent of the
system being investigated but offer visibilty into the runtime state
of the system. The framework is intended to introduce people to the
techniques and complexities associated with extracting digital artifacts
from volatile memory samples and provide a platform for further work into
this exciting area of research.


Required to run:
[devel/py-setuptools] [textproc/py-cElementTree] [security/py-crypto] [lang/python27] [devel/py-distorm3]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 77ae1443062a5103c63377aee6170d6e09ca6354
RMD160: 9db862c278cc09e2e9f197f30a79ee28d22fd905
Filesize: 2272.962 KB

Version history: (Expand)


CVS history: (Expand)


   2017-01-01 15:44:09 by Thomas Klausner | Files touched by this commit (577)
Log message:
Add python-3.6 to incompatible versions.
   2016-07-09 15:04:18 by Thomas Klausner | Files touched by this commit (599)
Log message:
Remove python33: adapt all packages that refer to it.
   2015-12-05 22:26:09 by Adam Ciarcinski | Files touched by this commit (578)
Log message:
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-06-22 12:38:17 by Fredrik Pettai | Files touched by this commit (1)
Log message:
Add new COMMENT
   2015-06-15 11:22:25 by Joerg Sonnenberger | Files touched by this commit (1)
Log message:
Installs egg if setuptools is present, so make it unconditional.
   2015-06-04 00:44:10 by Fredrik Pettai | Files touched by this commit (1)
Log message:
Oops, add some missing deps
   2015-06-04 00:21:41 by Fredrik Pettai | Files touched by this commit (4)
Log message:
The Volatility Framework is a completely open collection of tools,
implemented in Python under the GNU General Public License, for the
extraction of digital artifacts from volatile memory (RAM) samples.
The extraction techniques are performed completely independent of the
system being investigated but offer visibilty into the runtime state
of the system. The framework is intended to introduce people to the
techniques and complexities associated with extracting digital artifacts
from volatile memory samples and provide a platform for further work into
this exciting area of research.