If you are interested in learning more about Volatility 3 and getting
access to the first public pre-release, please vote for the Volatility
Development Team’s OSDFCon submission (#26. Volatility 3 Public Beta: The
Insider’s Preview). Voting ends 6/26/2019.
https://www.surveymonkey.com/r/osdfconvoting2019
OSDFCON SUBMISSION DETAILS
Volatility 3 Public Beta: The Insider’s Preview
Since its initial public release over a decade ago, Volatility has
attracted one of the largest and most active communities of users and
developers in the digital forensics industry. As a result of those
contributions, it has become the world’s most advanced and widely used
memory forensics platform. In the digital forensics research community,
Volatility has served as the foundation of a thriving ecosystem that
continues to facilitate the rapid transition of cutting-edge technologies
into the hands of digital investigators across the globe.
During the same period, the industry has continued to evolve the way that
operating systems are developed, deployed, and maintained. Similarly, the
skillsets of memory analysts and their preferred work flows have changed
to meet a world with increasingly large volumes of complex data. To
address these challenges, the Volatility development team has been
actively architecting and developing an entirely new version of the
framework, while simultaneously supporting users of the current stable
version.
This presentation will be the first public introduction and pre-release of
Volatility 3. It will highlight how this new framework compares to
previous versions of Volatility and other Volatility-based tools. The
discussion will also highlight many new features and describe our new
contributor focused license. Finally, we will discuss ways the community
can help contribute to the official launch of Volatility 3!
Thanks,
AAron Walters
The Volatility Foundation
The CFP deadline is tomorrow for the 10th Annual Open Source Digital
Forensics Conference (OSDFCon). The conference will be held on Oct 16,
2019.
There are openings for:
* 10-minute short talks
* 35-minute in-person talks
* 35-minute remote talks
* 3-hour hands-on workshops
https://www.osdfcon.org/2019-event/2019-call-for-presentations/
Please submit your ideas about open source tools you've developed, used, or
want to exist. The event is 1-day long with 400+ attendees. It's the
biggest open source digital forensics event and the biggest DFIR event in
the Metro DC region.
All you need to submit is an abstract and then we'll crowdsource the
agenda.
thanks,
brian
We wanted to send a reminder that our next Malware and Memory Forensics training offering will be in Reston in April. We are about 8 weeks away now and already have a number of seats filled. Our courses in the Reston/Herndon area generally sell out early so please contact us ASAP if you wish to attend.
Full information can be found here:
https://volatility-labs.blogspot.com/2018/11/malware-and-memory-forensics-t…
We are looking forward to meeting many of you there!
We are excited to announce our public Malware and Memory Forensics training offerings for 2019!
We will be headed back to Herndon in the Spring and to Herndon and London in the Fall.
Full details of the training, including a list of newly updated material, can be found on our blog post:
https://volatility-labs.blogspot.com/2018/11/malware-and-memory-forensics-t…
We deeply appreciate your continued support for Volatility and our trainings, and we are excited for another great year of open source memory forensics research and development.
-- The Volatility Team
Since there seems to be a renewed interest in LiME and its format, I think
it's time that we extend the format to include the storage of optional
metadata. Anything that can be collected at acquisition time saves the
need for scanning and other possibly more complex processes during
analysis. Formats like AFF4 are great, but are too complex to implement in
the kernel.
I'd like to crowdsource opinions on how the LiME format should be
extended. When contributing thoughts please keep the following in mind.
- Changes to the format should not break existing parsers
- To minimize the number of future changes, the enhancements should be
as flexible as possible. For example, I've heard rumors that the LiME
format is being used in acquisition tools that target more than just Linux,
so I'd prefer a generic key/value store for metadata rather than any
hardcoded solution.
- Whatever we collect during acquisition time (at least in LiME) must be
easily accessible from a kernel module
What are your thoughts? What metadata should be collected? Obvious
answers that come to mind are DTB, kernel virtual base address, and KASLR
slide, but I'm sure there are more.
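The constraint raised above, that a metadata extension must not break existing LiME parsers, is easiest to reason about with a small model of the format. The following Python is an added illustration written for this archive page; it is not LiME or Volatility code. The range header layout it uses (magic 0x4C694D45, version 1, inclusive start and end addresses, eight reserved bytes) is the published LiME v1 layout. Everything else, the trailing key/value block, its `META_MAGIC` marker, the function names and the sample DTB/KASLR values, is a hypothetical design constructed for the example, not a proposal the thread adopted.

```python
"""Toy LiME image writer/reader to show how metadata could be appended
without disturbing the v1 range headers that existing readers walk.

The range header layout (magic 0x4C694D45, version 1, inclusive start and
end addresses, 8 reserved bytes) is the published LiME v1 layout. The
trailing metadata block, META_MAGIC, and every function name here are
assumptions made for this illustration, not a LiME feature."""
import struct

LIME_MAGIC = 0x4C694D45                 # reads as "EMiL" in little-endian ASCII
LIME_VERSION = 1
RANGE_HDR = struct.Struct("<IIQQ8s")    # magic, version, s_addr, e_addr, reserved

META_MAGIC = 0x4154454D                 # hypothetical marker ("META" in little-endian ASCII)
META_HDR = struct.Struct("<IIQ")        # magic, version, payload length in bytes


def build_image(ranges, metadata=None):
    """Serialise (start_addr, data) ranges as v1 LiME records; optionally
    append the hypothetical key/value trailer after the last range."""
    out = bytearray()
    for start, data in ranges:
        end = start + len(data) - 1      # e_addr is inclusive in LiME
        out += RANGE_HDR.pack(LIME_MAGIC, LIME_VERSION, start, end, b"\0" * 8)
        out += data
    if metadata:
        payload = bytearray()
        for key, value in metadata.items():
            k, v = key.encode("utf-8"), value.encode("utf-8")
            payload += struct.pack("<HH", len(k), len(v)) + k + v
        out += META_HDR.pack(META_MAGIC, 1, len(payload)) + payload
    return bytes(out)


def parse_ranges(image):
    """Legacy-style reader: walk v1 range headers in order and stop at the
    first header that does not carry the LiME magic. Returns the list of
    (s_addr, e_addr, data) and the offset where the walk stopped."""
    ranges, off = [], 0
    while off + RANGE_HDR.size <= len(image):
        magic, version, s_addr, e_addr, _ = RANGE_HDR.unpack_from(image, off)
        if magic != LIME_MAGIC:
            break                        # unknown record: a v1 reader stops here
        if version != LIME_VERSION:
            raise ValueError(f"unsupported LiME version {version} at offset {off}")
        size = e_addr - s_addr + 1
        off += RANGE_HDR.size
        if off + size > len(image):
            raise ValueError(f"truncated range at offset {off}")
        ranges.append((s_addr, e_addr, image[off:off + size]))
        off += size
    return ranges, off


def parse_metadata(image):
    """Extension-aware reader: reuse parse_ranges, then decode the trailer
    if one follows. Returns {} for plain v1 images."""
    _, off = parse_ranges(image)
    if off + META_HDR.size > len(image):
        return {}
    magic, version, length = META_HDR.unpack_from(image, off)
    if magic != META_MAGIC or version != 1:
        return {}
    off += META_HDR.size
    end = min(off + length, len(image))
    meta = {}
    while off + 4 <= end:
        klen, vlen = struct.unpack_from("<HH", image, off)
        off += 4
        key = image[off:off + klen].decode("utf-8")
        off += klen
        meta[key] = image[off:off + vlen].decode("utf-8")
        off += vlen
    return meta


if __name__ == "__main__":
    # Constructed sample: two small ranges plus the metadata kinds the thread mentions.
    sample = build_image(
        [(0x1000, b"A" * 16), (0x3000, b"B" * 8)],
        {"dtb": "0x1ab000", "kernel_base": "0xffffffff81000000", "kaslr_slide": "0x1a000000"},
    )
    print(parse_ranges(sample)[0])
    print(parse_metadata(sample))
```

The point of the layout is that `parse_ranges`, which models a reader written against v1 only, returns exactly the same ranges for an image with or without the trailer, because the trailer sits after the last range and its first word is not the LiME magic. A reader that never learns about the extension loses nothing; one that does can pick up the DTB, kernel base and KASLR slide without scanning for them.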
We wanted to send a quick note that we will have a sponsor table tomorrow at OSDFCON. Please come by and see us during the day and also during the conference social at night.
If you are a previous training course alumnus and/or a past Volatility contributor then please stop by as we will have some special edition swag for you:
https://twitter.com/volatility/status/1052210342577795073
We will also be raffling a free seat for one of our 2019 training offerings:
https://twitter.com/volatility/status/1050769125080006658
We are looking forward to seeing many of you tomorrow!
We wanted to send a reminder as the deadline for both the Volatility Analysis Contest AND the Volatility Plugin Contest is approaching:
https://volatility-labs.blogspot.com/2018/05/the-6th-annual-volatility-plug…
The Plugin contest gives you the opportunity to showcase your research and development skills.
The Analysis Contest lets you showcase your memory forensics skills against malware and real-world IR situations.
Both contests have a number of prizes and a bunch of swag ready for the winners.
We hope to see many great submissions, and we look forward to reviewing them all!
Thanks,
The Volatility Team
Hi list,
Apologies for the cross-post.
Has anyone created a Volatility profile for Solaris or AIX that they would
be willing to share?
I am also searching for a way/tool to image RAM from Solaris and AIX
operating systems. If anyone has any experience in this area please get in
touch.
Thanks,
Brent Muir