app-forensics / volatility3

Framework for analyzing volatile memory

Official package sites: https://github.com/volatilityfoundation/volatility3/ · https://www.volatilityfoundation.org/

Volatility is the world's most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independently of the system being investigated but offer visibility into the runtime state of the system.

v2.0.1 :: 0 :: gentoo

Modified
License
GPL-2+
Keywords
amd64 x86
USE flags
crypt disasm jsonschema leechcore snappy yara

General

crypt
support plugins that decrypt passwords, password hashes, etc.
disasm
support plugins that perform malware analysis and disassemble code
jsonschema
improve error messages regarding improperly configured ISF files
leechcore
support memory acquisition via leechcore
snappy
support AVML's native compression format
yara
support YARA pattern matching engine

python_targets

python3_10
Build with Python 3.10
python3_8
Build with Python 3.8
python3_9
Build with Python 3.9

dev-libs / capstone : disassembly/disassembler framework + bindings

dev-python / jsonschema : An implementation of JSON-Schema validation for Python

dev-python / leechcorepyc : Python binding for LeechCore Physical Memory Acquisition Library

dev-python / pefile : Module to read and work with Portable Executable (PE) files

dev-python / pycryptodome : A self-contained cryptographic library for Python

dev-python / snappy : Python library for the snappy compression library from Google

dev-python / yara-python : Python interface for a malware identification and classification tool

dev-lang / python : An interpreted, interactive, object-oriented programming language

Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.0.1 x86, #863479
Signed-off-by: Sam James <sam@gentoo.org>
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.0.1 amd64, #863479
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: use PEP517
Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: version bump 2.0.1
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Closes: https://github.com/gentoo/gentoo/pull/24002
Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: new ebuild
Package-Manager: Portage-3.0.28, Repoman-3.0.3
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Signed-off-by: Sam James <sam@gentoo.org>