Diffstat (limited to 'system/volatility3/README')
-rw-r--r-- | system/volatility3/README | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/system/volatility3/README b/system/volatility3/README new file mode 100644 index 0000000000..84e96b75a4 --- /dev/null +++ b/system/volatility3/README @@ -0,0 +1,18 @@ +Volatility Framework - Volatile memory extraction utility framework. + +Volatility is the world's most widely used framework for extracting +digit artifacts from volatile memory (RAM) samples. The extraction +techniques are performed completely independent of the system being +investigated but offer visibility into the runtime state of the system. +The framework is intended to introduce people to the techniques and +complexities associated with extracting digital artifacts from volatile +memory samples and provide a platform for further work into this +exciting area of research. + +In 2019, the Volatility Foundation released a complete rewrite of the +framework, Volatility3. + +The following are optional dependancies: + - capstone + - jsonschema + |
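Review bot: Two spelling errors in the added README text should be fixed before merge: in the second paragraph "digit artifacts" should read "digital artifacts" (the same paragraph uses "digital artifacts" a few lines later), and the heading "The following are optional dependancies:" should read "dependencies". The optional list would also be more useful if it stated what capstone and jsonschema each enable, so that someone installing the package can decide whether they need them. The last of the 18 added lines is empty and can be dropped.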