Rekall is an advanced forensic and incident response framework. While
it began life purely as a memory forensic framework, it has now evolved
into a complete platform. Rekall implements the most advanced analysis
techniques in the field, while still being developed in the open, with a
free and open source license. Many of the innovations implemented within
Rekall have been published in peer reviewed papers .
Rekall provides an end-to-end solution to incident responders and forensic
analysts. From state of the art acquisition tools, to the most advanced
open source memory analysis framework.