Interview with Jamie Levy, Core Developer, Volatility Project

Jamie, you’re currently working on the Volatility project. Tell us a bit more about the project and its aims.

The Volatility Framework is an open source project that allows people to analyze memory samples from various operating systems and hardware architectures. It’s written in Python, which allows you to take advantage of the abundance of libraries that currently exist for forensic and reverse engineering purposes; this also allows you to run it from any operating system that has Python installed. Volatility allows you to view the memory sample as the operating system sees it (similar to WinDBG), but it also allows you to carve for objects in unallocated memory (that are inaccessible to traditional debuggers). Volatility has an easy to use API, so you can easily extend it to your needs and build custom plugins for new artifacts as well.

Read More

Leave a Comment