volatility 2.3.1-4 (i386 binary) in ubuntu trusty

 The Volatility Framework is a completely open collection of tools for the
 extraction of digital artifacts from volatile memory (RAM) samples. It is
 useful in forensic analysis. The extraction techniques are performed
 completely independently of the system being investigated but offer
 unprecedented visibility into the runtime state of the system.

 Volatility supports memory dumps from all major 32- and 64-bit Windows
 versions and service packs. Whether your memory dump is in raw format, a
 Microsoft crash dump, hibernation file, or virtual machine snapshot,
 Volatility is able to work with it.

 Linux memory dumps in raw or LiME format are supported too. There are several
 plugins for analyzing 32- and 64-bit Linux kernels and distributions such as
 Debian, Ubuntu, OpenSuSE, Fedora, CentOS, and Mandrake.

 Volatility also supports several versions of Mac OS X memory dumps, both 32-
 and 64-bit. Android phones with ARM processors are also supported.

 These are some of the data that can be extracted:

    - Image information (date, time, CPU count).
    - Running processes.
    - Open network sockets and connections.
    - OS kernel modules loaded.
    - Memory maps for each process.
    - Executable samples.
    - Command histories.
    - Passwords, as LM/NTLM hashes and LSA secrets.
    - Others.

Details

Package version: 2.3.1-4
Source: volatility 2.3.1-4 source package in Ubuntu
Status: Superseded
Component: universe
Priority: Optional

Downloadable files