Can I inspect REVEN memory using Volatility? Tetrane Team February 13, 2020 15:43 Updated Follow Yes, you can. A Volatility plugin can be found here. The plugin allows to use Volatility commands on any transition of a REVEN trace. In the Uroburos malware study, Volatility is used to dump binaries that were dropped in memory by the malware. Related articles Can I use WinDbg with REVEN? Can I analyze network activity in REVEN with Wireshark? What's the overhead during the Recording? Comments 0 comments Please sign in to leave a comment.