Jump to content
Nytro

Volafox Mac OS X Memory Analysis Toolkit

By Nytro, in Programe utile

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

[h=2]Volafox Mac OS X Memory Analysis Toolkit[/h] date.png May 4th, 2014 user.png Mourad Ben Lakhoua

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this tool:

  • MAC Kernel version, CPU, and memory specification
  • Mounted filesystems
  • Kernel Extensions listing
  • Process listing
  • Task listing (Finding process hiding)
  • Syscall table (Hooking detection)
  • Mach trap table (Hooking detection)
  • Network socket listing (Hash table)
  • Open files listing by process
  • Show Boot information
  • EFI System Table, EFI Runtime Services
  • Print a hostname

You can download the tool on the following link: https://code.google.com/p/volafox/

Sursa: Volafox Mac OS X Memory Analysis Toolkit | SecTechno

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...