security/volatility3
Advanced memory forensics framework
Branch: CURRENT
Version: 2.7.0
Package name: volatility3-2.7.0
Maintainer: pettai
Volatility is the world's most widely used framework for extracting digital
artifacts from volatile memory (RAM) samples. The extraction techniques are
performed completely independent of the system being investigated but offer
visibility into the runtime state of the system. The framework is intended to
introduce people to the techniques and complexities associated with extracting
digital artifacts from volatile memory samples and provide a platform for
further work into this exciting area of research.
Master sites:
Filesize: 511.177 KB
Version history:
- (2024-06-11) Updated to version: volatility3-2.7.0
- (2023-10-23) Updated to version: volatility3-2.0.1nb2
- (2023-08-14) Updated to version: volatility3-2.0.1nb1
- (2022-11-29) Package added to pkgsrc.se, version volatility3-2.0.1 (created)
CVS history:
2024-11-11 08:29:31 by Thomas Klausner | Files touched by this commit (862)
Log message:
py-*: remove unused tool dependency
py-setuptools includes the py-wheel functionality nowadays
2024-06-11 12:39:50 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
volatility3: updated to 2.7.0
Volatility 3 2.7.0
New plugins:
- windows.iat
- windows.truecrypt
- linux.library_list
- mac.dmesg
Support for configuration files for common CLI options
windows.driverirp: Report IRP entries that point inside a hidden module
windows.thrdscan: Improvements
linux.kmsg: Supports older kernels
mac.maps: Add process dump support
Support for Python 3.12
2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
2022-11-29 06:59:16 by Adam Ciarcinski | Files touched by this commit (4)
Log message:
volatility3: added version 2.0.1
Volatility is the world's most widely used framework for extracting digital
artifacts from volatile memory (RAM) samples. The extraction techniques are
performed completely independent of the system being investigated but offer
visibility into the runtime state of the system. The framework is intended to
introduce people to the techniques and complexities associated with extracting
digital artifacts from volatile memory samples and provide a platform for
further work into this exciting area of research.