

Rekall is an advanced forensic and incident response framework. While it began life purely as a memory forensic framework, it has now evolved into a complete platform. Rekall implements the most advanced analysis techniques in the field, while still being developed in the open, with a free and open source license. Many of the innovations implemented within Rekall have been published in peer-reviewed papers. Rekall provides an end-to-end solution to incident responders and forensic analysts, from state-of-the-art acquisition tools to the most advanced open source memory analysis framework. Rekall is my favorite memory analysis tool. It's a powerful command-line tool that is able to run on any machine that runs Python.
