Skip to content
This repository has been archived by the owner. It is now read-only.
Choose a tag to compare

Release 1.4.1 Etzel

@scudette scudette released this
· 297 commits to master since this release
Choose a tag to compare

This is a bugfix release with few new features:

  • A new live plugin is added that allows Rekall to install kernel drivers by itself.
  • The aff4acquire plugin now uses the live plugin to just acquire the image. Acquisition is now a simple matter of:
rekall aff4acquire myimage.aff4
  • New MacPmem driver for OSX acquisition.
  • Bugfixes around Xen support should make it more reliable now.

As usual the best way to install from source is via pip:

pip install rekall