Home
Skalle is a solo project, supervised by Dr. Maryam Adel.
If you prefer to read this documentation as a PDF, see Skalle-Documentation.pdf.
Skalle is a Volatility add-on. It does not take away any of Volatility's features or its great performance. Skalle makes a memory forensics tool easier than ever to use by removing the need to configure Volatility and the need to remember its commands: it provides shortcuts for all commands, and all you need to do to get Skalle running Volatility is provide the “vol.py” path the first time you use the tool. Skalle is available for Windows and for macOS on the latest Apple chips.
Setting up a memory forensics tool can be intimidating and frustrating, but with Skalle it is easier than ever. All you have to do is install the right version of Skalle for your device from the GitHub releases page, along with volatility3 and python3. No further setup or device configuration is required. Skalle removes the need to memorize the Volatility commands, but if you can't find the right command in the list, you can always type it the old-fashioned way and Skalle will forward it to Volatility. To start the process, first select “vol.py” from the downloaded Volatility directory at the path “volatility3-2.11.0/volatility3-2.11.0/vol.py” (you only need to do this once), then select any type of memory dump and choose the Volatility plugin to start.
Installing Skalle is very straightforward, with no configuration needed (literally just click install). First, head to the program page at https://github.com/Abdullah4345/Skalle, select Releases, and choose the version that best fits your OS, whether it is Windows or macOS. Note that you need to have volatility3, and python3 for Volatility; you can download Volatility here: https://github.com/volatilityfoundation/volatility3.