Friday, June 29, 2012

Announcing Mac Support in Volatility


I am writing to announce that Volatility now supports captures from Mac systems! I gave a talk on the new capabilities at the recent SANS DFIR Summit.  The presentation can be found here. Complete information on how to access the branch and create profiles can be found here:

http://code.google.com/p/volatility/wiki/MacMemoryForensics

The wiki page will be updated as user-visible changes are made to the branch. Otherwise, you should check back here often as many more plugins and analysis features will be released in the coming months.

If you have any questions you can find me on Twitter (@attrc), leave a comment on the blog, or shoot me an Email.




No comments:

Post a Comment