VolUtility is a web interface for the Volatility Memory Analysis framework that runs plugins, stores output in a mongo database, extracts files, enables search across plugins and file content, and supports working on multiple images in one database. It also provides a video demo of its features and detailed installation and usage instructions in the wiki.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.