Volatility
Forensics memory-forensics
Open Source
Leading memory analysis framework
Platforms:
linux windows macos
Prerequisites:
memory-forensics python
Pros and Cons
Ventajas
- + Standard for memory forensics
- + Extensive plugins
- + Multi-OS support
- + Open-source
- + Active community
Desventajas
- - Steep learning curve
- - Volatility 3 still maturing
- - Requires memory dumps
Casos de Uso
- Malware analysis
- Incident response
- Memory forensics
- Rootkit detection