-
```
Has anyone had any success using LibVMI (http://vmitools.sandia.gov/) with
Volatility yet? The example codes provided with LibVMI work fine including the
python example but with Volatility I jus…
-
```
When I use the two command :
1 python vol.py imagecopy -f d:\hibernateWin764.sys --profile=Win7SP1x64 -O
c:\win7.raw;
2 python vol.py raw2dmp -f c:\win7.raw --profilw=Win7SP1x64 -O c:\win7.dmp
a…
-
```
C:\Users\admin\Desktop\vol>C:\Python27\python.exe volatility.py pslist
--profile=Win7SP0x86 -f win7vss.vmem
Volatile Systems Volatility Framework 1.4_rc1
Name Pid PPid Thds…
-
```
What steps will reproduce the problem?
1. vol.py -f file.dump malfind -p 2440 --dump-dir . --profile=Win7SP1x86
-p is the PID of Explorer, which is supposed to have the Zeus trojan injected
int…
-
```
What steps will reproduce the problem?
1. I am using this python code in Eclipse
https://code.google.com/p/volatility/wiki/VolatilityUsage23#Using_Volatility_as_
a_Library
2. I am getting this er…
-
```
When I use the two command :
1 python vol.py imagecopy -f d:\hibernateWin764.sys --profile=Win7SP1x64 -O
c:\win7.raw;
2 python vol.py raw2dmp -f c:\win7.raw --profilw=Win7SP1x64 -O c:\win7.dmp
a…
-
```
Reported by Sebastien Bourdon-Richard on Vol-dev:
I'm playing with a 5GB Windows 7 SP0 64bit memory dump and I have some
problems with processes mapped over 4GB.
Pslist only shows System proces…
-
```
Not really sure how to file this or if its a bug that can really be fixed, but
I thought I should post it anyway.
So the problem is that I was on a previous version of volatility from yesterday …
-
```
Not really sure how to file this or if its a bug that can really be fixed, but
I thought I should post it anyway.
So the problem is that I was on a previous version of volatility from yesterday …
-
```
Hey guys,
I encountered this issue this week. I've been updating the code from CVS about
once a week and the problem just starting happening so it may be due to a
recent change.
$ python vola…