Volatility 3 is a digital artifact extraction framework that extracts data from volatile memory (RAM) samples, providing visibility into the runtime state of a system. It is a rewrite of Volatility that addresses technical and performance challenges, and it is released under a custom license. The framework requires Python 3.7.0 or later and can be installed using pip or setup.py. It provides a range of plugins for analyzing memory samples, including Windows memory samples. The framework is widely used for this purpose and is also intended to introduce people to the techniques and complexities associated with this area of research. Volatility 3 is open source and freely available on GitHub, with a growing community contributing to its development and maintenance.
SIMILAR TOOLS
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A software that collects forensic artifacts on systems for forensic investigations.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
Open Source computer forensics platform with modular design for easy automation and scripting.
A portable volatile memory acquisition tool for Linux.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.