PassMark.VolatilityWorkbenchVolatility Workbench is a graphical user interface (GUI) for the Volatility tool.
$ winget install --id PassMark.VolatilityWorkbench --exact --version 3.0.1014Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.
For Intune admins
Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph — no manual repackaging, no chasing vendor sites.
See Pckgr's app libraryVolatility is a command line memory analysis and forensics tool for extracting
artifacts from memory dumps. Volatility Workbench is free, open source and runs
in Windows. It provides a number of advantages over the command line version
including,
- No need to install Python script interpreter.
- No need of remembering command line parameters.
- Storage of the platform and process list with the memory dump, in a .CFG file.
When a memory image is re-loaded, this saves a lot of time and eliminates the
need to get process list each time.
- Automatic platform detection with .CFG files
- Simpler copy & paste.
- Simpler printing of paper copies (via right click).
- Simpler saving of the dumped information to a file on disk.
- A drop down list of available commands and a short description of what the
command does.
- Time stamping of the commands executed.
- Auto-loading the first dump file found in the current folder.
- Support for analysing Mac and Linux memory dumps.
- Up to 20% increase in speed compared to interpreted version.
| Architecture | Type | Scope | Install | Download |
|---|---|---|---|---|
| neutral | zip | - | Direct |
Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.