Volatility

Volatility Framework (http://www.volatilityfoundation.org/) related stuff

create_plugin

A small script to initialize Volatility plugin for malware detection.

vol_vm.py

A simple wrapper to analyze vmem files with Volatility Framework. Tested on macOS + VMware Fusion. This might be useful for malware analyst.

How to use

Edit vol_vm.py according to your environment
Execute malware sample which you want to analyze on virtual machine
Execute vol_vm.py with Volatility command

vol_vm.py suspends your virtual machine then executes vol.py as below

$ python vol_vm.py redleavesconfig
[*] suspended WIN7
[*] volatility output:
Volatility Foundation Volatility Framework 2.6
config addr: 0035F788

----------------------------------------------------------------------
Lavender Settings:
(snip.)

License

Apache License 2.0. See LICENSE.

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
create_plugin		create_plugin
LICENSE		LICENSE
README.md		README.md
vol_vm.py		vol_vm.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Volatility

create_plugin

vol_vm.py

How to use

License

About

Releases

Packages

Languages

License

you0708/volatility

Folders and files

Latest commit

History

Repository files navigation

Volatility

create_plugin

vol_vm.py

How to use

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages