You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been creating a volatility profile building script to deal with the issue of not having these pre-built. At time of writing, it will allow you to select from any CentOS and Ubuntu release that exists in docker. On the Ubuntu side, it will further prompt for the exact kernel that you wish to profile, giving you the selection of valid kernels to choose from for that specific ubuntu release. Further, though I haven't tested this yet, using Docker it uses the default architecture, so if the docker build supports it, you should be able to build these profiles for any of the architectures available (i.e.: arm for ubuntu).
This seems to make the effort of keeping up with new kernels and all the varieties a bit easier and more automated. I think it would be a worthwhile inclusion into the wiki page on Linux profile building.
And you can install it simply with pip install volatility_profile_builder.
This is NOT meant to be the be-all for profile building, as it will NOT work with anything that does not have a working repo (i.e.: ubuntu 14.x, or others). It should help auto build modern profiles though.
The text was updated successfully, but these errors were encountered:
I've been creating a volatility profile building script to deal with the issue of not having these pre-built. At time of writing, it will allow you to select from any CentOS and Ubuntu release that exists in docker. On the Ubuntu side, it will further prompt for the exact kernel that you wish to profile, giving you the selection of valid kernels to choose from for that specific ubuntu release. Further, though I haven't tested this yet, using Docker it uses the default architecture, so if the docker build supports it, you should be able to build these profiles for any of the architectures available (i.e.: arm for ubuntu).
This seems to make the effort of keeping up with new kernels and all the varieties a bit easier and more automated. I think it would be a worthwhile inclusion into the wiki page on Linux profile building.
The script is hosted here: https://github.com/bannsec/volatility_profile_builder
And you can install it simply with
pip install volatility_profile_builder.This is NOT meant to be the be-all for profile building, as it will NOT work with anything that does not have a working repo (i.e.: ubuntu 14.x, or others). It should help auto build modern profiles though.
The text was updated successfully, but these errors were encountered: