- Works with any Volatility module that provides a SQLite render method (some don’t)
- Automatically detects plugins – If volatility sees the plugin, so will eVOLve
- All results stored in a single SQLite db stored beside the RAM dump
- Web interface is fully AJAX using jQuery & JSON to pass requests and responses
- Uses Bottle module in Python to provide a standalone web server
- Option to edit SQL query to provide enhanced data views with data from multiple tables
- Run plugins and view data from any browser – even a tablet!
- Allow multiple people to review results of single RAM dump
- Multiprocessing for full CPU usage
- Pre-Scan runs a list of plugins at the start
https://github.com/JamesHabben/evolve