VolUtility: Volatility web interface

The Volatility Framework is a fully open collection of tools, implemented in Python under the GNU General Public License, for extracting digital artifacts from samples of volatile memory (RAM).

VolUtility is a web interface for Volatility memory analysis. It runs plugins and stores their output in a Mongo database. It also extracts files from plugins that support dump-dir and stores them in the database, and it lets you search across all plugin output and file content using string search and YARA rules. You can keep working with multiple images in a single database.


$ sudo apt-get update && sudo apt-get upgrade

$ sudo apt-get install python-dev python-pip git libimage-exiftool-perl


We need Volatility 2.5 or later.

$ cd ~/

$ git clone https://github.com/volatilityfoundation/volatility
$ cd volatility
$ sudo python setup.py install


Mongo & PyMongo

$ sudo pip install pymongo

$ sudo pip install django
$ sudo pip install virustotal-api


$ git clone https://github.com/kevthehermit/VolUtility


$ cd VolUtility

$ ./manage.py runserver

Open your browser and go to http://your.ip:8000. Note that runserver with no address argument listens only on 127.0.0.1:8000.
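
A preflight check for the prerequisites listed above, as an added example that is not part of the original page or the VolUtility project: it reads the installed Volatility version from volatility.constants.VERSION and confirms it meets the 2.5 minimum, then checks the Python modules and exiftool. The function names, the --run switch and the assumption that "python" is the interpreter Volatility was installed under are this example's own.

```shell
#!/bin/sh
# Added example: preflight for the VolUtility install steps on this page.
# Assumption: "python" is the interpreter Volatility was installed under.
MIN_VOL="2.5"   # minimum Volatility version stated on this page

# version_ge A B: succeed when dotted version A >= B, compared numerically
# field by field (so 2.10 is newer than 2.5, unlike a string compare).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# installed_vol_version: print the version of the importable volatility package.
installed_vol_version() {
    python -c 'import volatility.constants as c; print(c.VERSION)' 2>/dev/null
}

# has_module NAME: succeed when the Python module imports cleanly.
has_module() {
    python -c "import $1" 2>/dev/null
}

# preflight: report each prerequisite; return non-zero if any is missing.
preflight() {
    rc=0
    v=$(installed_vol_version) || v=""
    if [ -n "$v" ] && version_ge "$v" "$MIN_VOL"; then
        echo "ok    volatility $v"
    else
        echo "FAIL  volatility ${v:-not importable} (need >= $MIN_VOL)"; rc=1
    fi
    for m in pymongo django; do
        if has_module "$m"; then echo "ok    python module $m"
        else echo "FAIL  python module $m missing"; rc=1; fi
    done
    command -v exiftool >/dev/null 2>&1 || { echo "FAIL  exiftool missing"; rc=1; }
    return "$rc"
}
# Run the checks only when asked, e.g.: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```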



Source: GitHub