A professional, AI-powered memory forensics platform that provides comprehensive analysis of memory dumps through an intuitive, modern interface.
- Modern Interface: Clean, dark-themed UI built with React and Tailwind CSS
- Memory Analysis: Comprehensive memory dump analysis using Volatility 3 plugins
- Real-time Progress: Live progress tracking during forensic scans
- Results Export: Save analysis results in JSON format
- Debug Logging: Comprehensive logging system for troubleshooting
- Plugin Management: Easy selection and management of Volatility plugins
- Node.js 16.x or later
- Python 3.6 or later
- Volatility 3 framework
- Electron
- Clone the repository:

```bash
git clone <repository-url>
cd volatility-gui
```

- Install dependencies:

```bash
npm install
```

- Install frontend dependencies:

```bash
cd frontend
npm install
cd ..
```

To run the application in development mode:

```bash
npm start
```

This will start both the React development server and the Electron application.

To build the application for distribution:

```bash
npm run build
npm run electron-pack
```

- Launch MemHawk
- Select a memory dump file using the "Select Image" button
- Choose the Volatility plugins you want to run
- Click "Start Scan" to begin analysis
- View results in real-time as they complete
- Save results using the "Save" button
- Use the "Logs" button to view debug information
- Raw memory dumps (.raw, .mem, .dmp)
- VMware memory files (.vmem)
- VirtualBox core dumps
- Physical memory images (.img, .dd)
- Adriteyo Das
- Anvita Warjri
- Shivam Lahoty
MIT License