Difference between revisions of "Volatools"

From Forensics Wiki
Jump to: navigation, search
(Initial Stub)
 
(Updated platform and licensing)
Line 1: Line 1:
 
{{Expand}}
 
{{Expand}}
 
 
{{Infobox_Software |
 
{{Infobox_Software |
 
   name = volatools |
 
   name = volatools |
 
   maintainer = [[AAron Walters]] and [[Nick Petroni]] |
 
   maintainer = [[AAron Walters]] and [[Nick Petroni]] |
   os = {{Cross-platform}} ([[Python]]) |
+
   os = {{Windows}} |
 
   genre = [[Windows Memory Analysis]] |
 
   genre = [[Windows Memory Analysis]] |
 
   license = {{GPL}} |
 
   license = {{GPL}} |
Line 10: Line 9:
 
}}
 
}}
  
 +
The Volatools suite is a set of tools by [[Komoku]] for conducting [[Windows Memory Analysis|memory analysis]]. The current version, '''Volatools Basic''', can process images from [[Windows XP]] Service Pack 2 systems. A forthcoming version '''Volatools Professional''' should be able to process images from more platforms. Although the Volatools are written in [[Python]] and are therefore cross-platform, they require the [[Pykvm]] library that is only available for [[Windows]].
 +
 +
== License ==
  
 +
Although the Volatools suite is licensed under the [[GPL]], much of its functionality is contained in a separate closed source library, [[Pykvm]]. This library is licensed under a separate agreement.
  
 
== History ==
 
== History ==
  
Volatools were first released at the [[Blackhat (conference)|Blackhat Federal]] conference in February 2007.
+
Volatools Basic was first released at the [[Blackhat (conference)|Blackhat Federal]] conference in February 2007. The professional version and an acquisition product, '''Komoku Acquisition Suite''' are scheduled to be released in 2007.
  
== See Also ==
+
== External Links ==
  
[[Komoku]]
+
* [http://komoku.com/forensics/forensics.html Volatools official website]

Revision as of 13:14, 4 March 2007

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

volatools
Maintainer: AAron Walters and Nick Petroni
OS: Windows
Genre: Windows Memory Analysis
License: GPL
Website: not public yet

The Volatools suite is a set of tools by Komoku for conducting memory analysis. The current version, Volatools Basic, can process images from Windows XP Service Pack 2 systems. A forthcoming version Volatools Professional should be able to process images from more platforms. Although the Volatools are written in Python and are therefore cross-platform, they require the Pykvm library that is only available for Windows.

License

Although the Volatools suite is licensed under the GPL, much of its functionality is contained in a separate closed source library, Pykvm. This library is licensed under a separate agreement.

History

Volatools Basic was first released at the Blackhat Federal conference in February 2007. The professional version and an acquisition product, Komoku Acquisition Suite are scheduled to be released in 2007.

External Links