The Rekall Framework is a completely open collection of tools for the extraction and analysis of digital artifacts computer systems.

Rekall supports investigations of the following 32bit and 64bit memory images:

- Microsoft Windows XP Service Pack 2 and 3
- Microsoft Windows 7 Service Pack 0 and 1
- Microsoft Windows 8 and 8.1
- Microsoft Windows 10
- Linux Kernels 2.6.24 to 4.4.
- OSX 10.7-10.12.x.
Rekall also provides a complete memory sample acquisition capability for all major operating systems.