desperadosec / variability

Variability: A ncurses-based frontend for Volatility


Variability

Variability: An ncurses-based frontend for Volatility.

Prerequisites

  • Volatility
  • A full memory dump compatible with Volatility

Getting a memory dump:

From a VirtualBox VM

If you are running a malware sample in VirtualBox, you can dump its memory from within Variability:

  • Edit the VMNAME field in config.ini to match the name of your target VM.
  • Press 'd' and wait for the dump to complete (it will be created at the path specified in config.ini).
  • Alternatively, with the VM running, dump it manually: VBoxManage debugvm <uuid|vmname> dumpvmcore --filename <path>

VBoxManage writes an ELF64 core dump, which Volatility 2 reads directly through its VirtualBox address space; no conversion to a raw image is needed.
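The steps above, as an added example that is not part of the Variability code base: a small Python helper that reads the VM name and output path from a config.ini-style file, builds the VBoxManage dumpvmcore command, and then checks that the resulting file has the ELF64 core header Volatility expects. Assumptions: the config section name "variability" and the DUMPFILE key are made up for this example (the README names only VMNAME and says the path is "specified in config.ini"); the sample config text is constructed.

```python
import configparser
import shutil
import struct
import subprocess

# Constructed sample config standing in for Variability's config.ini.
# VMNAME is the field the README names; the section name and DUMPFILE
# key are assumptions made for this example.
SAMPLE_CONFIG = """
[variability]
VMNAME = win7-malware-lab
DUMPFILE = /tmp/win7-malware-lab.elf
"""


def load_config(text, section="variability"):
    """Return (vmname, dumpfile) from config text in the assumed layout."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    return cp[section]["VMNAME"], cp[section]["DUMPFILE"]


def build_dump_command(vmname, dumpfile):
    """argv for the VBoxManage call from the README, with --filename so the
    core lands at the path config.ini points to."""
    return ["VBoxManage", "debugvm", vmname, "dumpvmcore",
            "--filename", str(dumpfile)]


def is_elf64_core_header(header):
    """True if the first 20 bytes look like an ELF64 core file (ELFCLASS64,
    e_type == ET_CORE), which is what VBoxManage dumpvmcore writes and what
    Volatility's VirtualBox address space keys on. Only the fixed header
    fields are checked; the VBCORE note is not parsed here."""
    if len(header) < 20 or header[:4] != b"\x7fELF":
        return False
    ei_class, ei_data = header[4], header[5]
    if ei_class != 2:           # ELFCLASS64
        return False
    endian = "<" if ei_data == 1 else ">"   # ELFDATA2LSB / ELFDATA2MSB
    (e_type,) = struct.unpack(endian + "H", header[16:18])
    return e_type == 4          # ET_CORE


def verify_elf64_core(path):
    """Read the header of the dump on disk and validate it."""
    with open(path, "rb") as f:
        return is_elf64_core_header(f.read(20))


def run_dump(config_text):
    """Dump the configured VM and verify the output. Requires a running
    VirtualBox VM and VBoxManage on PATH; raises if either is missing."""
    vmname, dumpfile = load_config(config_text)
    if shutil.which("VBoxManage") is None:
        raise RuntimeError("VBoxManage not found on PATH")
    subprocess.run(build_dump_command(vmname, dumpfile), check=True)
    if not verify_elf64_core(dumpfile):
        raise RuntimeError(f"{dumpfile} is not an ELF64 core dump")
    return dumpfile


if __name__ == "__main__":
    print("dump written and verified:", run_dump(SAMPLE_CONFIG))
```

The header check is worth keeping even if you dump manually: an empty or truncated file (for example when the VM was not running, or the target disk filled up) fails it immediately, instead of failing later inside a Volatility plugin with a less obvious error.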

Other methods

  • Acquire the memory image with a memory acquisition tool such as DumpIt.
  • Pass the resulting dump file to Variability on the command line, as shown below.

To run with an existing memory dump:

python run.py /path/to/dump.bin

Languages

Language: Python 100.0%