Install rekall-core by entering the following commands in the terminal:
sudo apt update sudo apt install rekall-core
Description:
memory analysis and incident response framework
The Rekall Framework is a completely open collection of tools for the extraction and analysis of digital artifacts computer systems. . Rekall supports investigations of the following 32bit and 64bit memory images: . - Microsoft Windows XP Service Pack 2 and 3 - Microsoft Windows 7 Service Pack 0 and 1 - Microsoft Windows 8 and 8.1 - Microsoft Windows 10 - Linux Kernels 2.6.24 to 4.4. - OSX 10.7-10.12.x. . Rekall also provides a complete memory sample acquisition capability for all major operating systems.
Homepage: http://www.rekall-forensic.com/
Version: 1.6.0+dfsg-2
Section: universe/utils