This repository has been archived by the owner on Oct 18, 2020. It is now read-only.
Release 1.4.1 Etzel
This is a bugfix release with few new features:
- A new live plugin is added that allows Rekall to install kernel drivers by itself.
- The aff4acquire plugin now uses the live plugin to just acquire the image. Acquisition is now a simple matter of:
rekall aff4acquire myimage.aff4
- New MacPmem driver for OSX acquisition.
- Bugfixes around Xen support should make it more reliable now.
As usual the best way to install from source is via pip:
pip install rekall