We have announced the winners of the 2025 @volatility #PluginContest! And the First Place is:
Daniel Baier for XFRM Inspector
Read the full Contest Results in our blog post:
https://volatilityfoundation.org/the-2025-volatility-plugin-contest-results-are-in/
Congrats to all winners & thank you to all participants!
#DFIR #memoryforensics
The 2025 @volatility #PluginContest review is complete! This year we received 8 submissions from 7 different countries that included 20 plugins. It's exciting to see how #memoryforensics researchers continue to innovate & contribute to #Volatility3.
The First Place winner of the 2025 #Volatility #PluginContest is:
Daniel Baier for XRFM Inspector
Check out the full Contest Results, along with a detailed summary of all submissions, in our blog post: https://volatilityfoundation.org/the-2025-volatility-plugin-contest-results-are-in/
Congrats to all winners & thank you to all participants!
Special thanks to the core developers & previous winners who helped review this year's submissions.
Memory Analysis for #Linux has always been a bit hit-or-miss. Trail of Bits has released a tool called #mquire that doesn't require debug symbols for the originating Kernel.
It also uses SQL-based queries to perform analysis, similar to #OSquery.
https://blog.trailofbits.com/2026/02/25/mquire-linux-memory-forensics-without-external-dependencies/
@volatility New Release: #volatility3 v2.27.0 - visit https://github.com/volatilityfoundation/volatility3/releases for details and downloads.
RE: https://infosec.exchange/@volatility/115814731683234734
And that’s it! The 2025 @volatility #PluginContest is now closed. Stay tuned for winner announcements in the coming weeks! And good luck to all contenders!
#memoryforensics #opensource #dfir
RE: https://infosec.exchange/@volatility/115458205680531341
The @volatility #PluginContest closes on Dec 31, 2025! Make sure to submit your entry by the deadline! If you’re looking for inspiration, take a look at our roll call of past contest submissions: https://volatilityfoundation.org/volatility-plugin-contest/#plugin-contest-rollcall
Update:
Our velociraptor plugin `Windows.Memory.Mem2Disk` can detect RAM injections and fileless malware.
We tested it against (among others) the C2 frameworks Sliver, Havoc and Mythic. All three were detected.
It was recently featured in a blog post by Mike Cohen:
https://docs.velociraptor.app/blog/2025/2025-11-15-memory-analysis-pt1
Stay tuned for memory analysis with velo part 2!
#C2 #detection #memoryforensics #velociraptor #DFIR #cybersecurity #infosec #pwr2
Awesome blogpost on how to dump shm on Linux:
https://isc.sans.edu/diary/How+to+collect+memoryonly+filesystems+on+Linux+systems/32432/
The 13th annual @volatility #PluginContest is OPEN for submissions! This contest is designed to encourage research & development in the field of #memoryanalysis. Every year, contributions from all around the world continue to help build the next generation of #memoryforensics.
Make sure to get your submissions in by 31 December 2025.
More details can be found here: https://volatilityfoundation.org/the-13th-annual-volatility-plugin-contest-is-open/
volatility
Josh Lemon
N-gated Hacker News
Power of 2
13reak 