Hi,
I just downloaded Kali, because I'd seen a reference elsewhere that it contained the Inception Firewire memory exploitation tool. Unfortunately, this information appears to have been an error. nonetheless, it would most certainly make an excellent addition to Kali. I've installed it on a booted livecd install, and it seems to work OK. In addition, the version of Volatility you have installed doesn't work for Firewire acquisitions, because you don't have the forensic1394 library installed. This also works fine if you put it on, so I'd think it would make sense for you to do so.

Inception is available from http://www.breaknenter.org/projects/inception/
Specific install instructions taken from that website are as follows:
HTML Code:
     apt-get install git cmake python3 g++
     wget [url]http://freddie.witherden.org/tools/libforensic1394/releases/libforensic1394-0.2.tar.gz[/url]
     tar xvf libforensic1394-0.2.tar.gz
     cd libforensic1394-0.2
     cmake CMakeLists.txt
     make install
     cd python
     python3 setup.py install
     cd ../..
     git clone [url]https://github.com/carmaa/inception.git[/url]
     cd inception
Note that these instructions only install the forensic1394 library for python3, and they place it in /usr/local rather than /usr, so Volatility is still unable to make use of it.

To install the forensic1394 library so Volatilaty can use it, change the above cmake command to:
HTML Code:
     cmake -DCMAKE_INSTALL_PREFIX:PATH=/usr CMakeLists.txt
and change the python install command to:
HTML Code:
     python setup.py install --prefix=/usr
After doing these steps, both Volatility and Inception seem to work correctly. Any chance of getting these tools incorporated into the standard Kali distribution? I think having the ability to plug in and instantly unlock systems from your laptop would be a real boon to penetration testers in general. It's also a very useful memory imaging capability.

Thoughts?
John