Add profilescan plugin suite

[P1kachu]

Signed-off-by: Stanislas Lejay stanislas.lejay@epita.fr

[iMHLv2]

I ran this on a couple linux and mac memory dumps and it worked as expected. Nice job! The only thing I'd suggest aside from what's already on your TODO list is switching up the name space a bit. The way we recommend using the community branch is checking it out side by side with volatility (for example ~/volatility and ~/community) and then importing plugins by specifying --plugins=~/community or --plugins=~/community/author. Currently, people would need to copy your files into into the core directories (i.e. put get_profile.py in volatility/plugins/linux) since that's how profilescan.py imports it. Does that make sense? Also, you might consider submitting to the volatility plugin contest http://www.volatilityfoundation.org/#!2016/qacow.

[P1kachu]

Thanks !

Well, I had problem loading it using --plugins=~/community/ for some strange reason, that's why I didn't do it. What do you recommend for it to work ?

[P1kachu]

And which particular things do you recommend I change such that it matches the usual way ?