GitPedia
Home/volatilityfoundation/volatility3/Changelog
volatilityfoundation

volatilityfoundation/volatility3

Volatility 3.0 development

16 Releases
Latest: 1mo ago
Volatility 3 2.28.0v2.28.0Latest
ikelosikelos·1mo ago·April 30, 2026
GitHub

📋 What's Changed

  • Some of the improvements made in this release are as follows:
  • General:
  • Improve Intel layer's [address space scanning](https://github.com/volatilityfoundation/volatility3/pull/1921) by @Abyss-W4tcher
  • Timeliner [body format](https://github.com/volatilityfoundation/volatility3/pull/1941) repetitions fixed by @ikelos
  • Better support for utf-8 on the [windows console](https://github.com/volatilityfoundation/volatility3/pull/1948) by @Androsh7
  • Switch to ruff for [formatting](https://github.com/volatilityfoundation/volatility3/pull/1955) as well as linting by @ikelos
  • Linux:
  • Handle new [bin_attribute format](https://github.com/volatilityfoundation/volatility3/pull/1773) for module sections by @Abyss-W4tcher
  • + 7 more

New Contributors

  • @Androsh7 made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1948
  • @oh2fih made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1960
  • Full Changelog: https://github.com/volatilityfoundation/volatility3/compare/v2.27.0...v2.28.0
Volatility 3 2.27.0v2.27.0
ikelosikelos·4mo ago·January 29, 2026
GitHub

📋 Changes

  • New plugin:
  • `windows.pebmasquerade`
  • Improved `linux.malfind` and `linux.lsof`
  • Slightly improved pdb scanning
  • Fixed linux mount enumeration
  • Behind the scenes improvements on the framework
  • Added arrow/parquet format renderer
  • Enhanced `windows.dlllist` plugin
  • + 4 more

New Contributors

  • @blitztide made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1871
  • @tvanegro made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1853
  • Full Changelog: https://github.com/volatilityfoundation/volatility3/compare/v2.26.2...v2.27.0
Volatility 3 2.26.2v2.26.2
ikelosikelos·8mo ago·September 25, 2025
GitHub

📋 Changes

  • New plugin:
  • `windows.etwpatch`
  • `volshell` now supports breakpoints (also known as watchpoints) that can be applied to a specific layer and offset that will break into python at the point the layer read occurs on that offset.
  • Various fixes across multiple plugins
  • Improved documentation in many areas

New Contributors

  • @JakePeralta7 made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1787
  • @SolitudePy made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1800
  • @geekscrapy made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1813
  • @ddogfoodd made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1815
  • Full Changelog: https://github.com/volatilityfoundation/volatility3/compare/v2.26.0...v2.26.2
Volatility 3 2.26.0v2.26.0
ikelosikelos·1y ago·May 16, 2025
GitHub

📋 Changes

  • `linux.graphics.fbdev`
  • `linux.ip`
  • `linux.kallsyms`
  • `linux.module_extract`
  • `linux.modxview`
  • `linux.pscallstack`
  • `linux.tracing.ftrace`
  • `linux.tracing.perf_events`
  • + 14 more

New Contributors

  • @c0rydoras made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1362
  • @lesander made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1342
  • @TheMythologist made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1402
  • @cgoodwine made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1549
  • @the-rectifier made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1381
  • @Danking555 made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1566
  • @DT9 made their first contribution in https://github.com/volatilityfoundation/volatility3/pull/1698
  • Full Changelog: https://github.com/volatilityfoundation/volatility3/compare/v2.11.0...v2.26.0
Volatility 3 2.11.0v2.11.0
ikelosikelos·1y ago·January 16, 2025
GitHub

📋 Changes

  • New Plugins:
  • `linux.boottime`
  • `linux.ebpf`
  • `linux.hidden_modules`
  • `linux.kthreads`
  • `linux.pagecache`
  • `linux.pidhashtable`
  • `linux.ptrace`
  • + 12 more
Volatility 3 2.8.0v2.8.0
ikelosikelos·1y ago·October 9, 2024
GitHub

📋 Changes

  • New plugins:
  • `vmscan`
  • `linux.netfilter`
  • `windows.hollowprocesses`
  • `windows.kpcrs`
  • `windows.pedump`
  • `windows.processghosting`
  • `windows.psxview`
  • + 17 more
Volatility 3 2.7.0v2.7.0
ikelosikelos·2y ago·May 29, 2024
GitHub

📋 Changes

  • New plugins:
  • `windows.iat`
  • `windows.truecrypt`
  • `linux.library_list`
  • `mac.dmesg`
  • Support for configuration files for common CLI options
  • `windows.driverirp`: Report IRP entries that point inside a hidden module
  • `windows.thrdscan`: Improvements
  • + 3 more
Volatility 3 v2.5.2v2.5.2
ikelosikelos·2y ago·January 31, 2024
GitHub

📋 Changes

  • New Layers:
  • Amazon S3 support
  • Google Cloud Storage support
  • New plugins:
  • `linux.vmayarascan`
  • `windows.mftscan.ads`
  • New features:
  • Dumping of Elf files added to the `elfs` plugin
  • + 4 more
Volatility 3 2.5.0v2.5.0
ikelosikelos·2y ago·September 27, 2023
GitHub

📋 Changes

  • New plugins:
  • Linux capabilities plugin
  • Linux process dumping
  • Add support for Xen ELF file format
  • Improved Linux subsystem support
  • Added tutorials to the documentation
  • Improved core API
Volatility 3 2.4.1v2.4.1
ikelosikelos·3y ago·April 12, 2023
GitHub

📋 Changes

  • New plugins:
  • linux.sockstat
  • linux.iomem
  • linux.psscan
  • linux.envars
  • windows.drivermodule
  • windows.vadwalk
  • Pid filtering for Windows pstree plugin
  • + 5 more
Volatility 3 2.4.0v2.4.0
ikelosikelos·3y ago·December 14, 2022
GitHub

📋 Changes

  • New plugins
  • linux.mountinfo
  • linux.psaux
  • windows.devicetree
  • windows.joblinks
  • windows.ldrmodules
  • windows.mbrscan
  • windows.mftscan
  • + 7 more
Volatility 3 2.0.1v2.0.1
ikelosikelos·4y ago·March 17, 2022
GitHub

A maintenance release to resolve a few issues affecting Windows detection and PDB support.

Volatility 3 2.0.0v2.0.0
ikelosikelos·4y ago·January 12, 2022
GitHub

📋 Changes

  • New plugins such as:
  • Windows networking plugins
  • Windows `crashinfo` and `skeleton_key_check`
  • Linux `kmsg` plugin
  • New layers: AVML and LeechCore
  • QEMU layer performance optimization
  • Improved access to Windows library symbols
  • Better offline and remote support
  • + 3 more
Volatility 3 1.0.1v1.0.1
ikelosikelos·5y ago·February 1, 2021
GitHub

Hotfix release to fix an issue with pypi and setup.py

v1.0.0
ikelosikelos·5y ago·February 1, 2021
GitHub

📋 Changes

  • Much faster operation over volatility 2 (this is largely down to caching of objects)
  • Symbol support (symbols can be downloaded and converted for windows directly)
  • Documentation (the documentation is generated from the code)
  • Better APIs for developers
v1.0.0-beta.1Pre-release
ikelosikelos·6y ago·October 13, 2019
GitHub
← Back to volatility3 wiki