app-forensics / volatility3

Framework for analyzing volatile memory

Official package sites : https://github.com/volatilityfoundation/volatility3/ · https://www.volatilityfoundation.org/ ·

Volatility is the world's most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system.

v2.5.2 :: 0 :: gentoo

Modified
License
GPL-2+
Keywords
amd64 x86
USE flags
crypt disasm jsonschema leechcore snappy test yara

v2.4.1-r2 :: 0 :: gentoo

Modified
License
GPL-2+
Keywords
amd64 x86
USE flags
crypt disasm jsonschema leechcore snappy test yara

General

crypt
support plugins that decrypt passwords, password hashes, etc.
disasm
support plugins that perform malware analysis and disassemble code
jsonschema
improve error messages regarding improperly configured ISF files
leechcore
support memory acquisition via leechcore
snappy
support AVMLs native compression format
test
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
yara
support YARA pattern matching engine

python_targets

python3_10
Build with Python 3.10
python3_11
Build with Python 3.11
python3_12
Build with Python 3.12

app-arch / snappy : A high-speed compression/decompression library by Google

dev-libs / capstone : disassembly/disassembler framework + bindings

dev-python / jsonschema : An implementation of JSON-Schema validation for Python

dev-python / leechcorepyc : Python binding for LeechCore Physical Memory Acquisition Library

dev-python / pefile : Module to read and work with Portable Executable (PE) files

dev-python / pycryptodome : A self-contained cryptographic library for Python

dev-python / yara-python : Python interface for a malware identification and classification tool

app-arch / snappy : A high-speed compression/decompression library by Google

dev-lang / python : An interpreted, interactive, object-oriented programming language

dev-libs / capstone : disassembly/disassembler framework + bindings

dev-python / jsonschema : An implementation of JSON-Schema validation for Python

dev-python / leechcorepyc : Python binding for LeechCore Physical Memory Acquisition Library

dev-python / pefile : Module to read and work with Portable Executable (PE) files

dev-python / pycryptodome : A self-contained cryptographic library for Python

dev-python / yara-python : Python interface for a malware identification and classification tool

Repository mirror & CI · gentoo
Merge updates from master
Arthur Zamarin · gentoo
app-forensics/volatility3: Stabilize 2.5.2 x86, #930480
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.5.2 amd64, #930480
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: add 2.5.2
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/33096 Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: just install site-packages
Closes: https://bugs.gentoo.org/922169 Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: drop 2.4.0-r1
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/32829 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Arthur Zamarin · gentoo
app-forensics/volatility3: Stabilize 2.4.1-r1 x86, #907196
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: drop 2.0.1
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.4.1-r1 amd64, #907196
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.4.0-r1 x86, #892663
Signed-off-by: Sam James <sam@gentoo.org>
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.4.0-r1 amd64, #892663
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: fix subslot dependency
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/30621 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: add 2.4.1
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/30585 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: enable py3.11
Closes: https://bugs.gentoo.org/896544 Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/29797 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Michał Górny · gentoo
Rename dev-python/{snappy → python-snappy}
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
David Seifert · gentoo
*/*: remove py3.8 from PYTHON_COMPAT
Signed-off-by: David Seifert <soap@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: use canonical function definition style
Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: enable tests
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/28684 Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: don't install test files
Closes: https://bugs.gentoo.org/886031 Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mario Haustein · gentoo
app-forensics/volatility3: add 2.4.0
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/28665 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.0.1 x86, #863479
Signed-off-by: Sam James <sam@gentoo.org>
Sam James · gentoo
app-forensics/volatility3: Stabilize 2.0.1 amd64, #863479
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
app-forensics/volatility3: use PEP517
Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: version bump 2.0.1
Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Closes: https://github.com/gentoo/gentoo/pull/24002 Signed-off-by: Sam James <sam@gentoo.org>
Mario Haustein · gentoo
app-forensics/volatility3: new ebuild
Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de> Signed-off-by: Sam James <sam@gentoo.org>