Open AnkitKundariya opened 7 years ago
iMHLv2
commented
7 years ago You can try this:
https://thunderco.re/project/forensics/2016/05/14/volatility-profile-finder/
Or store a volatilityrc file in the directory relative to your sample, with the correct profile embedded.
AnkitKundariya
commented
7 years ago Dear @iMHLv2 i go through this https://thunderco.re/project/forensics/2016/05/14/volatility-profile-finder/ can you please explain me how can i use it and how it help me to find Suggested Profile for Linux Memory Samples.
please refer imaginfocommand for windows profiles
imageinfo command doesn't work on Linux memory samples right, now consider a scenario where i have number of Linux profiles and i don't know which profile is ideal for my dumps , for this either i have to first find suggested profile by using imageinfo command which help me to go ahead and perform other operations on my Linux memory samples, or another way is to take one by one every profile and test all the profile with my Linux memory samples. which takes to much time so what I'm asking is, is there any alternative command of imageinfo which gives me a suggested profile for my Linux memory samples.