VOLIX II v2 - new Version May 2nd, 2014

Volatility Interface & Extension

This project aims to develop software that extends the use and simplifies the handling of the Volatility Framework.

Objectives of VOLIX:

  • Simplify the handling of Volatility
    • Provide more intuitive GUI handling
    • Reduce complex command sequences to a single click
    • Improve usability

  • Increase analysis speed (no tedious typing of commands)
  • Make comparison and correlation of results easier
  • Offer assistance / examples
  • Provide new functions
  • Automated search for malware and analysis of the findings by VirusTotal
  • Detection of hidden processes and network connections
  • Integrate existing and new plug-ins
  • Provide a graphical analysis of images in the form of diagrams and/or statistics
  • Generate reports
  • *NEW* Complete support of the Volatility Framework 2.3.1
    • With all Linux and MacOS plugins

  • *NEW* Improved help file with a complete investigation example
  • *NEW* A questionnaire can be filled in; VOLIX II analyses it and inserts the plugins based on the answers
  • *NEW* The investigation is now mostly automated
  • *NEW* A new plugin will be started as soon as another one ends
    • Up to three plugins will run simultaneously
    • Results are parsed to set parameters for the plugins that are started next

  • *NEW* A complete final report can now be created at any time
  • *NEW* John the Ripper was integrated into Volix II to crack SAM hashes

Screenshots

 

Load RAM Image

 

Malware search

 

Malware results

 

*NEW* crack SAM-Hashes

 

*NEW* Final report

 

Information on the project:

  • The project started in Spring 2013 and is still ongoing.
  • Comments and suggestions are appreciated.
  • If you want to be kept informed about this project, subscribe to our Volix Newsletter (you need to register for that).

Members of the project team:

Current project members:

Patrick Bock

Rene Woelker

 

Former project members:

Steffen Logen

 

Messages to the VOLIX-Team:

volix@etechnik.fh-aachen.de

Downloads

Current Version

Alpha:
Volix IIv2.rar
SHA256:   343205d1a8a9f22415696b50d803509bb96667c362b2a561bacb8ecfb1cd6786
SHA1:       80b6f66ecb7759567933b76229c21c89542bcbfe
MD5:     8d2081441f4a41bdcccfb16ef411504c


Previous versions:

Alpha:
VolixII_x86.rar

SHA256:    568c587e5e80e91e64f6171a80bc9ed919c71ee8a90ea5be8be8c509170c570a
SHA1:    34b08e56f347dbb372e73b1332f870d46debfc5e
MD5:     831f69ad71d32cc522e3d792e481c7e7

VolixII_x64.rar
SHA256:   104f60d27e56f02e268a1929383388d7c8896b77a3cf02ae4f557fb081a55617
SHA1:    d4f881cddbc5515aa9cde20de367791b1738bc69
MD5:     60db58eccc5052ebbd66a5e2972021b5

Manual (German)

 

 

Material from ARES 2012:

© FH Aachen (2011-2014)
