
Volatility Interface & Extensions

This project aims to develop software that extends the use and simplifies the handling of the Volatility Framework.

Objectives of VOLIX:

  • Simplify the handling of Volatility
    • Provide a more intuitive GUI handling
    • Reduce complex command sequences to a single click
    • Improve usability
  • Increase analysis speed (no tedious typing of commands)
  • Make comparison and correlation of results easier
  • Offer assistance / examples
  • Provide new functions
  • Automated search for malware and analysis of the findings by VirusTotal
  • Detect hidden processes and network connections
  • Integrate existing and new plug-ins
  • Provide a graphical analysis of images in the form of diagrams and/or statistics
  • Generate reports
  • *NEW* Complete support of the Volatility Framework 2.3.1
    • With all Linux and MacOS plugins
  • *NEW* Improved helpfile with a complete investigation example
  • *NEW* A questionnaire can be filled in; VOLIX II analyses it and inserts the plugins based on the answers
  • *NEW* The investigation is now mostly automated
  • *NEW* A new plugin will be started as soon as another one ends
    • Up to three plugins will run simultaneously
    • Results are parsed to set parameters for the plugins that are started next
  • *NEW* A complete final report can now be created at any time
  • *NEW* John the Ripper was integrated into VOLIX II to crack SAM hashes

http://www.it-forensik.fh-aachen.de/projekte/volix/13

Permanent link to this article: http://www.darknessgate.com/2014/11/11/volatility-interface-extensions/