A binary analysis platform for analyzing binary programs
Volatility 3 is a digital artifact extraction framework that extracts data from volatile memory (RAM) samples, providing visibility into the runtime state of a system. It's a rewritten version of Volatility, addressing technical and performance challenges, and is released under a custom license. The framework requires Python 3.7.0 or later and can be installed using pip or setup.py. It provides a range of plugins for analyzing memory samples, including support for Windows memory samples. The framework is widely used for extracting digital artifacts from volatile memory samples and is intended to introduce people to the techniques and complexities associated with this area of research. Volatility 3 is open-source and freely available on GitHub, with a growing community contributing to its development and maintenance.
A binary analysis platform for analyzing binary programs
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
wxHexEditor is a free hex editor / disk editor with various data manipulation operations and visualization functionalities.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.