-
```
Hey guys,
In the volatility/plugins/overlays/windows/pe_vtypes.py file we have mostly
hand-made PE structures. The nt module from which we auto-generate OS vtypes
don't define them, so a while…
-
```
Hmm this is strange. If you take a look at the following MMVAD_FLAGS definition
from xp_sp2_x86_vtypes.py you'll notice all its members have been deleted:
http://code.google.com/p/volatility/sou…
-
```
Hiya,
So just a quick reminder that BitField now support a native_type parameter,
which should be one of the keys in the native_types dict for the profile in
question, and should therefore prod…
-
```
Hiya,
So just a quick reminder that BitField now support a native_type parameter,
which should be one of the keys in the native_types dict for the profile in
question, and should therefore prod…
-
```
Hiya,
So just a quick reminder that BitField now support a native_type parameter,
which should be one of the keys in the native_types dict for the profile in
question, and should therefore prod…
-
```
Hmm this is strange. If you take a look at the following MMVAD_FLAGS definition
from xp_sp2_x86_vtypes.py you'll notice all its members have been deleted:
http://code.google.com/p/volatility/sou…
-
```
I tried dumps from several Windows 7 (64 Bit) machines and got only the
following output.
1. example:
E:\Viren_MalWare_usw\Debugging\Volatility-64Bit>vol.py -f
..\Viren_Mem_Dumps\Dieter
soft\Wi…
-
```
Hmm this is strange. If you take a look at the following MMVAD_FLAGS definition
from xp_sp2_x86_vtypes.py you'll notice all its members have been deleted:
http://code.google.com/p/volatility/sou…
-
I'm sorry so lay in the subject like this is running fine and that way he buy and sell?
because I do not see running purchase order and not for sale how can proceed properly?
```
:\Users\Trincax\Des…
-
```
Hey guys,
One flaw in the moddump I submitted last week - its missing BDG's original
find_space function. Thus, it cannot dump a few modules (namely win32k.sys).
Here is a new version of moddu…