![]() ![]() VMware Saved State (.vmss) and Snapshot (.My son got a MacBook Pro M2 Max version. Plugins to scan Linux process and kernel memory with Yara signaturesĭump LKMs to disk, and check TTY devices for rootkit hooksĬheck the ARM system call and exception vector tables for hooksģ2- and 64-bit Windows 7 (all service packs)ģ2- and 64-bit Windows Server 2008 (all service packs)Ħ4-bit Windows Server 2008 R2 (all service packs)ģ2- and 64-bit Windows Vista (all service packs)ģ2- and 64-bit Windows Server 2003 (all service packs)ģ2- and 64-bit Linux kernels from 2.6.11 to 3.5ģ2-bit 10.5.x Leopard (the only 64-bit 10.5 is Server, which isn't supported)Ħ4-bit 10.8.x Mountain Lion (there is no 32-bit version) New ARM address space for Linux and Android devices on ARM ![]() Over 30+ plugins for Mac memory forensics ![]() New MachO address space for 32- and 64-bit Mac memory samples ![]() Plugins to extract metadata from all of these new formats VMware saved state (vmss) and snapshot (vmsn) files Svcscan automatically queries the cached registry for service DLLsĭlllist shows load count to distinguish between static and dynamic loaded DLLsĪdded support for VirtualBox ELF64 core dumps Screenshots plugin shows text for window titles Psxview plugin adds two new sources of process listings from the GUI API We also included a number of other exciting new capabilities, such as dumping cached files, exploring process privileges, analyzing Virtualbox and VMware saved state and snapshot files, and carving IE history URLs and MFT records.ĭownload the Volatility 2.3.1 Windows Standalone Executableĭownload the Volatility 2.3.1 Windows Python Module Installerĭownload the Volatility 2.3.1 Source Code (.zip)ĭownload the Volatility 2.3.1 Source Code (.tar.gz) ĭecrypt configurations for Poison Ivy, Zeus, and CitadelĪpihooks detects Duqu style instruction modifications (MOV reg32, imm32 JMP reg32)Ĭrashinfo displays uptime, systemtime, and dump type The main goal of this release was Mac OS X (x86, 圆4) and Android ARM support. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |