This project bridges the powerful memory forensics capabilities of the Volatility 3 Framework with Large Language Models (LLMs) through the Model Context Protocol (MCP). It allows you to perform memory forensics analysis using natural language by exposing Volatility plugins as MCP tools that can be invoked directly by Claude or other MCP-compatible LLMs.
まだレビューはありません. 最初のレビューを投稿しましょう!
会話に参加するにはサインインしてください
Shows all Volatility plugins you can use.
Provides information about a memory dump file.
Shows the process hierarchy.
Lists processes from the process list.
Scans for processes including ones that might be hidden.
Shows network connections in the memory dump.
Detects potential code injection.
Shows command line arguments for processes.
Lists loaded DLLs for processes.
Shows file handles and other system handles.
Scans for file objects in memory.
Shows the memory map for a specific process.
Run any Volatility plugin with custom arguments.
Find memory dumps in a directory.
