VolUtility: Volatility web interface

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for extracting digital artifacts from volatile memory (RAM) samples.

VolUtility is a web interface for Volatility memory analysis. It runs plugins and stores their output in a Mongo database. It also extracts files from plugins that support dump-dir and stores them in the database, and it lets you search across all plugin output and file content using string search and YARA rules. Multiple images can be worked on in a single database.

Installation

$ sudo apt-get update && sudo apt-get upgrade

$ sudo apt-get install python-dev python-pip git libimage-exiftool-perl

Volatility 2.5 or later is required.

$ cd ~/

$ git clone https://github.com/volatilityfoundation/volatility
$ cd volatility
$ sudo python setup.py install

Mongo & PyMongo

$ sudo pip install pymongo

$ sudo pip install django
$ sudo pip install virustotal-api

$ git clone https://github.com/kevthehermit/VolUtility

Usage

$ cd VolUtility

$ ./manage.py runserver 0.0.0.0:8000

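Open your browser and go to http://your.ip:8000, where your.ip is the address of the host running VolUtility. Because 0.0.0.0 makes the Django development server listen on every network interface, run it on an isolated analysis network, or bind it to 127.0.0.1:8000 when remote access is not needed.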

 


Source: Github