collection of tools for the extraction of digital artifacts from volatile memory (RAM) samples
The Volatility Framework is a completely open collection of tools for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research.
The Volatility Framework is a completely open collection of tools for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research.
To install volatility, run the following command in macOS terminal (Applications->Utilities->Terminal)
sudo port install volatility
To see what files were installed by volatility, run:
port contents volatility
To later upgrade volatility, run:
sudo port selfupdate && sudo port upgrade volatility
Reporting an issue on MacPorts Trac
The MacPorts Project uses a system called Trac to file tickets to report bugs and enhancement requests.
Though anyone may search Trac for tickets, you must have a GitHub account in order to login to Trac to create tickets.