Nytro

Volafox Mac OS X Memory Analysis Toolkit

May 4th, 2014, Mourad Ben Lakhoua

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is Python-based and allows investigating security incidents and finding information about malware and any malicious program on the system. A security analyst can obtain the following information using this tool:

  • Mac kernel version, CPU, and memory specification
  • Mounted filesystems
  • Kernel Extensions listing
  • Process listing
  • Task listing (Finding process hiding)
  • Syscall table (Hooking detection)
  • Mach trap table (Hooking detection)
  • Network socket listing (Hash table)
  • Open files listing by process
  • Show Boot information
  • EFI System Table, EFI Runtime Services
  • Print a hostname

You can download the tool from the following link: https://code.google.com/p/volafox/

Source: Volafox Mac OS X Memory Analysis Toolkit | SecTechno
