Volatility 2.2 RC1 is available for download!<div><br></div><div>This release includes over 50 new plugins and the new LiME address space. About 35 plugins are for support of 32- and 64-bit Linux kernels 2.6.11 - 3.5 on distributions such as Ubuntu, CentOS, Fedora, OpenSuSE, and Mandriva. About 14 are for analyzing undocumented kernel data structures in win32k/GUI space on windows. As an added bonus, there are plugins to parse event records structures, calculate service SIDs from the registry, and maybe a few additional surprises before the release. </div>
<div><br></div><div>If you haven&#39;t checked recently, we&#39;ve also redone the wiki entirely for better organization and documentation. There are two pages specifically that you should know about for 2.2 - the main release page (with direct downloads to the code) and the linux tutorial:</div>
<div><br></div><div><a href="http://code.google.com/p/volatility/wiki/Release22">http://code.google.com/p/volatility/wiki/Release22</a></div><div><a href="http://code.google.com/p/volatility/wiki/LinuxMemoryForensics">http://code.google.com/p/volatility/wiki/LinuxMemoryForensics</a></div>
<div><br></div><div>Please note that the 2.2 command reference will remain unfinished until the proper 2.2 release. </div><div><br></div><div>Enjoy!</div>