List of Volatility Plugins
Revision as of 08:30, 16 January 2009 by Jessek (Fixing broken links)
The Volatility Framework was designed to be expanded by plugins. Here is a list of the published plugins for the framework. Note that these plugins are not hosted on the wiki, but all on external sites.
- volshell - Creates a python shell can be used with the framework.
- suspicious - Identify "suspicious" processes. This version counts any command line running TrueCrypt or any command line that starts with a lower case drive letter as suspicious.