applications/forensics tools

avml - AVML - Acquire Volatile Memory for Linux

Website: https://github.com/microsoft/avml
License: MIT
Vendor: cert.org
Description:
AVML is an X86_64 userland volatile memory acquisition tool written in Rust, intended to be deployed as a static binary.
AVML can be used to acquire memory without knowing the target OS distribution or kernel a priori. No on-target compilation or fingerprinting is needed.

Features:
 * Save recorded images to external locations via Azure Blob Store or HTTP PUT.
 * Automatic retry (in case of network connection issues) with exponential backoff when uploading to Azure Blob Store.
 * Optional page-level compression using Snappy.
 * Uses the LiME output format (when not using compression).

Memory Sources:
 * /dev/crash
 * /proc/kcore
 * /dev/mem

Packages

avml-0.13.0-1.el9.src [52 KiB] Changelog by Lawrence R. Rogers (2023-10-02):
* Release 0.13.0-1
	Version 0.13.0
