Volatility Workbench is a graphical user interface (GUI) for the Volatility tool. Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is a free open source tool that provides a graphic user interface for the Volatility memory analysis forensics tool.

It provides a number of advantages over the command line version including:

  • No need of remembering command line parameters.
  • Storage of the operating system profile, KDBG address and process list with the memory dump, in a .CFG file. When a memory image is re-loaded, this saves a lot of time and avoids the frustration of not knowing the correct profile to select.
  • Simpler copy & paste.
  • Simpler printing of paper copies (via right click).
  • Simpler saving of the dumped information to a file on disk.
  • A drop down list of available commands and a short description of what the command does.
  • Time stamping of the commands executed.
  • Auto-loading the first dump file found in the current folder.
  • Support for analysing Mac and Linux memory dumps.

The current version of Volatility Workbench is v2.0:

https://www.osforensics.com/downloads/VolatilityWorkbench.zip

Dawood Khan
Geek, Blogger, Political Activist, Green building lover, The Housing Bubble. I feed my cats poptarts. And fairy tales are full of shit.

You may also like

Comments

Leave a Reply

More in Tools