digitalisx
commented
1 year ago Hello @DYarizadeh,
Could you please check the installed yara-python library?
If not installed, you can use the installation command pip3 install -r requirements.txt
Closed DYarizadeh closed 1 year ago
digitalisx
commented
1 year ago Hello @DYarizadeh,
Could you please check the installed yara-python library?
If not installed, you can use the installation command pip3 install -r requirements.txt
DYarizadeh
commented
1 year ago Yes that worked. Thank you.
C:\Users\Dennis\Desktop\Forensics Tools\volatility3-2.5.0> python.exe .\vol.py -f "C:\Users\Dennis\Downloads\memdump.mem" windows.vadyarascan --yara-file .\stringsearch.yar Volatility 3 Framework 2.5.0 usage: volatility [-h] [-c CONFIG] [--parallelism [{processes,threads,off}]] [-e EXTEND] [-p PLUGIN_DIRS] [-s SYMBOL_DIRS] [-v] [-l LOG] [-o OUTPUT_DIR] [-q] [-r RENDERER] [-f FILE] [--write-config] [--save-config SAVE_CONFIG] [--clear-cache] [--cache-path CACHE_PATH] [--offline] [--single-location SINGLE_LOCATION] [--stackers [STACKERS ...]] [--single-swap-locations [SINGLE_SWAP_LOCATIONS ...]] plugin ... volatility: error: argument plugin: invalid choice windows.vadyarascan
I confirmed that vadyarascan was in the /framework/plugins/windows folder
Same error for the yarascan in the /framework/plugins folder