|
|
| Line 1: |
Line 1: |
| − | {{Expand}}
| + | sgzip is the Seekable GZIP disk image format, used by [[pyflag]]. |
| − | {{Infobox_Software |
| + | |
| − | name = volatools |
| + | |
| − | maintainer = [[AAron Walters]] and [[Nick Petroni]] |
| + | |
| − | os = {{Windows}} |
| + | |
| − | genre = [[Windows Memory Analysis]] |
| + | |
| − | license = {{GPL}} |
| + | |
| − | website = [http://komoku.com/forensics/forensics.html komoku.com] |
| + | |
| − | }}
| + | |
| − | | + | |
| − | The Volatools suite is a set of tools by [[Komoku]] for conducting [[Windows Memory Analysis|memory analysis]]. The current version, '''Volatools Basic''', can process images from [[Windows XP]] Service Pack 2 systems. A forthcoming version '''Volatools Professional''' should be able to process images from more platforms. Although the Volatools are written in [[Python]] and are therefore cross-platform, they require the [[Pykvm]] library that is only available for [[Windows]].
| + | |
| − | | + | |
| − | == License ==
| + | |
| − | | + | |
| − | The Volatools are licensed under the [[:Category:GPL|GPL]]. Some of the functionality for these tools is contained in a closed source library called [[Pykvm]].
| + | |
| − | | + | |
| − | == History ==
| + | |
| − | | + | |
| − | Volatools Basic was first released at the [[Blackhat (conference)|Blackhat Federal]] conference in February 2007. The professional version and an acquisition product, '''Komoku Acquisition Suite''' are scheduled to be released in 2007.
| + | |
| − | | + | |
| − | == External Links ==
| + | |
| − | | + | |
| − | * [http://komoku.com/forensics/forensics.html Volatools official website]
| + | |
Revision as of 16:01, 5 June 2008
sgzip is the Seekable GZIP disk image format, used by pyflag.
