system/volatility3: Added (memory extraction utility framework.)

Signed-off-by: Dave Woodfall <dave@slackbuilds.org> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
author: Barry J. Grundy <bgrundy AT linuxleo.com> 2022-05-12 17:52:54 +0100
committer: Willy Sudiarto Raharjo <willysr@slackbuilds.org> 2022-05-14 19:27:59 +0700
commit: 23d779c2186498872390742bf3c0f28a6fa86699 (patch)
tree: 9f4bbc86d660fc03286c140a87b7622899319948 /system/volatility3/README
parent: f39578d5381b1afbe6eaeddd4813aeb3b9640d7d (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/system/volatility3/README b/system/volatility3/README
new file mode 100644
index 0000000000000..84e96b75a43a4
--- /dev/null
+++ b/system/volatility3/README
@@ -0,0 +1,18 @@
+Volatility Framework - Volatile memory extraction utility framework.
+
+Volatility is the world's most widely used framework for extracting 
+digit artifacts from volatile memory (RAM) samples. The extraction 
+techniques are performed completely independent of the system being 
+investigated but offer visibility into the runtime state of the system.
+The framework is intended to introduce people to the techniques and 
+complexities associated with extracting digital artifacts from volatile
+memory samples and provide a platform for further work into this 
+exciting area of research.
+
+In 2019, the Volatility Foundation released a complete rewrite of the
+framework, Volatility3. 
+
+The following are optional dependancies:
+  - capstone
+  - jsonschema
+
author	Barry J. Grundy <bgrundy AT linuxleo.com>	2022-05-12 17:52:54 +0100
committer	Willy Sudiarto Raharjo <willysr@slackbuilds.org>	2022-05-14 19:27:59 +0700
commit	23d779c2186498872390742bf3c0f28a6fa86699 (patch)
tree	9f4bbc86d660fc03286c140a87b7622899319948 /system/volatility3/README
parent	f39578d5381b1afbe6eaeddd4813aeb3b9640d7d (diff)