Talos has won this year's 5th Volatility plugin contest with Pyrebox. Volatility is a well-known open-source framework designed to analyze operating system memory. The framework has existed since 2007. For the previous 5 years, the Volatility team has run a plugin contest to find the most innovative, interesting, and useful extensions for the framework. Pyrebox is an open-source, Python-scriptable reverse engineering sandbox developed by Talos. Based on QEMU, its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. In this context, Pyrebox is able to interact with Volatility in order to collect information from the memory of the analyzed system.
Here is a snippet of this capability:
You can find more information concerning Pyrebox in our blog post.
Talos supports many open-source projects that can be found in our GitHub repository. We are delighted to share tools with the broader security community and to support thriving open-source communities. In addition to the quantity of projects, this 1st place further demonstrates the excellence of our open-source projects.