Home BSD Memory Analysis Toolkit EN mac Mac OS X Memory Analysis Toolkit Memory Analysis Toolkit Volafox Volafox - Mac OS X & BSD Memory Analysis Toolkit

Volafox - Mac OS X & BSD Memory Analysis Toolkit

By
Friday, May 30, 2014
Read
Add Comment

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this tool:

Information

  1. Kernel version, CPU and memory spec, boot/sleep/wakeup time
  2. Mounted filesystems
  3. Process listing and dump address space
  4. KEXT(Kernel Extensions) listing
  5. System Call / Mach Trap Table (Hooking Detection)
  6. Network socket listing
  7. Open files listing by process
  8. PE State information ( Device Tree, Video Memory Area)
  9. EFI information ( EFI System Table, EFI Configuration Table, EFI Runtime Services)
  10. extract keychain master key candidates
  11. TrustedBSD analysis
  12. other command : uname, dmesg ... etc  


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us