volafox Logo

volafox

0
Free
Visit Website

volafox, also known as 'Mac OS X Memory Analysis Toolkit', is a Python 2.x tool developed for memory analysis on Mac OS X systems. It supports a wide range of OS versions from Snow Leopard to El Capitan, and provides features such as Kernel Symbol List overlay data, memory image analysis, and memory image export using tools like rekal. The project repository can be found at: https://github.com/n0fate/volafox

FEATURES

ALTERNATIVES

A tool with advanced filtering capabilities for analyzing events based on time, path, weekday, and date.

Truehunter is a tool designed to detect encrypted containers with a focus on Truecrypt and Veracrypt, utilizing a fast and memory efficient approach.

A library for working with Windows NT data types, providing access and manipulation functions.

A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.

Educational CTF-styled challenges for Memory Forensics.

A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.

Create checkpoint snapshots of the state of running pods for later off-line analysis.

ID-spoofing NFS client