Follow the GoResolver GitHub repo for future updates: github.com/volexity/GoR...
Special thanks to Killian Raimbaud for these updates & Ivan Maldenov for his work on the type recovery feature during his Volexity internship. [8/8]
Existing report files remain fully compatible with GoResolver v1.4. Previously generated JSON reports can still be imported using the latest plugin versions; there is no need to re-analyze old samples. [7/8]
GoResolverβs Ghidra plugin now includes an ANALYZE mode for in-SRE analysis. After running, GoResolver automatically imports recovered symbols and types into Ghidra's database. Go version management for Ghidra still requires the CLI. [6/8]
The IDA Pro plugin for GoResolver now supports full in-SRE analysis. GoResolver is available in Hex-Raysβs plugin repository and is installable via HCLI. The updated interface displays installed/available Go versions & allows version management without the CLI. [5/8]
GoResolver v1.4 introduces Go type recovery via the new "-y" flag, and includes new capabilities to extract type names, structures, and kinds from obfuscated binaries. Browsing the binaryβs types is now much easier and works with your SREβs cross-referencing feature. [4/8]
To improve accuracy, GoResolver can now automatically detect which Go version a binary was compiled with and select the closest available version for analysis. This release also optimizes how users list, install & remove Go versions directly from the CLI. [3/8]
With this release, GoResolverβs CLI has been restructured into two core commands, "resolve" for binary analysis & "manage" for handling Go installations, making the toolchain cleaner and easier to navigate. [2/8]
@volexity.com recently released GoResolver v1.4, bringing significant updates to our #opensource tool for recovering symbol data from obfuscated Go binaries. This release is available on GitHub: github.com/volexity/GoR... [1/8]
We are excited to announce the First Place winner of the 2025 #Volatility #PluginContest is:
Daniel Baier for XRFM Inspector
See the full Contest Results in our blog post: volatilityfoundation.org/the-2025-vol...
Congrats to all winners & thank you to all participants!
#DFIR #memoryforensics
Volatility New Release: #volatility3 v2.27.0 - visit github.com/volatilityfo... for details and downloads.
#memoryforensics #dfir
Contact us for more information about Volexity Volcano Server & Volcano One: volexity.com/company/cont... [3/3]
Volexity Volcano Server & Volcano One v25.12.18 also adds cross-account s3 bucket monitoring, automated health check alerts, SAML role mappings, and increased auditing. [2/3]
Volexity Volcano Server & Volcano One v25.12.18 adds 300+ YARA rules, full parsing of Windows prefetch and Linux cron jobs, inline syscall hooking detection, and 5-level page table support. [1/3]
And thatβs it! The 2025 #Volatility #PluginContest is now closed. Stay tuned for winner announcements in the coming weeks! And good luck to all contenders!
#memoryforensics #opensource #dfir
Today is the last day to submit entries to the #PluginContest! This is your chance to gain industry-wide visibility for your work, contribute to an important open-source project, and compete for cash prizes! More details below!π
There are only 2 days left to submit your entries to the #Volatility #PluginContest! The deadline is Wednesday!
You have 5 more days to submit your entries to the #Volatility #PluginContest!
There are 9 days left to submit entries to the #Volatility #PluginContest! Make sure to get your submissions in by the deadline!
The @volatilityfoundation.org #PluginContest closes on Dec 31, 2025! Make sure to submit your entry by the deadline! If youβre looking for inspiration, take a look at our roll call of past contest submissions: volatilityfoundation.org/volatility-p....
#memoryforensics
@volexity.com tracks a variety of threat actors abusing Device Code & OAuth authentication workflows to phish credentials, which continue to see success due to creative social engineering. Our latest blog post details Russian threat actor UTA0355βs campaigns impersonating European security events.
@stevenadair.bsky.social recently spoke with Here & Nowβs Scott Tong (@npr.org @wbur.org) about @volexity.comβs discovery of China-aligned threat actor UTA0388 using AI + LLMs in targeted phishing attacks. Listen here: www.wbur.org/hereandnow/2...
Check out our recent blog post for more details on how UTA0388 used AI + LLMs in their operations: www.volexity.com/blog/2025/10...
@volexity.com has continued to see nation-state threat actors use AI + LLMs to assist in cyber attacks. Our recent research on a Chinese APT threat actor (UTA0388) using AI in its operation was something @stevenadair.bsky.social recently discussed with the @wsj.com.
The 13th annual @volatility #PluginContest is OPEN for submissions until 31 Dec 2025!
This contest is designed to encourage research & development in the field of #memoryanalysis. Every year, contributions from all around the world continue to help build the next generation of #memoryforensics.
We had a great day yesterday at #FTSCon 2025! FTSCon Week continues with @joegrand.bsky.social's Hardware Hacking Basics + #Volatility Malware & Memory Forensics training with @attrc.bsky.social, Michael Ligh + Dave Lassalle.
@stevenadair.bsky.social is back again!
Founder + President of Volexity leading a team of experts that deal w/ complex cyber intrusions from nation-state level intruders. His talk will cover a Chinese APT actor that Volexity tracks as UTA0388.
Check out the official agenda:
cyberwarcon.com
Registration for #FTSCon 2025 closes tomorrow! We are really excited to see everyone on Monday, October 20th!
APT meets GPT: @volexity.com #threatintel is tracking #threatactor UTA0388's spear phishing campaigns against targets in North America, Europe & Asia, appearing to use LLMs to assist their ops. Letting #AI run your espionage operations? What could go wrong?
We would like to thank @volexity.com for sponsoring the #FTSCon 2025 Evening Reception, which will be at VUE Rooftop DC this year! If you havenβt registered for FTSCon yet, thereβs still time! Registration closes Sunday Oct 12; learn more + register here: volatilityfoundation.org/from-the-sou...
