volatility_2.6.1-1_all.deb


Description

advanced memory forensics framework

| Property | Value |
|---|---|
| Operating system | Linux |
| Distribution | Debian Buster-10 |
| Repository | Debian main all |
| Package name | volatility |
| Package filename | volatility_2.6.1-1_all.deb |
| Package version | 2.6.1 |
| Package release | 1 |
| Package architecture | all |
| Maintainer | Debian Security Tools <team+pkg-security@tracker.debian.org> |
| Build date | - |
| Build host | - |
| Package type | .deb |
| Homepage | https://github.com/volatilityfoundation/volatility |
| License | - |
| Download size | 1089140 |
| Installed size | 27745 |

The Volatility Framework is a completely open collection of tools for the extraction of digital artifacts from volatile memory (RAM) samples. It is useful in forensic analysis. The extraction techniques are performed completely independently of the system being investigated but offer unprecedented visibility into the runtime state of the system.

Volatility supports memory dumps from all major 32- and 64-bit Windows versions and service packs. Whether your memory dump is in raw format, a Microsoft crash dump, hibernation file, or virtual machine snapshot, Volatility is able to work with it.

Linux memory dumps in raw or LiME format are supported too. There are several plugins for analyzing memory dumps from 32- and 64-bit Linux kernels and relevant distributions such as Debian, Ubuntu, openSUSE, RedHat, Fedora, CentOS, Mandriva, etc.

Volatility also supports several versions of Mac OSX memory dumps, both 32- and 64-bit. Android phones with ARM processors are also supported.

These are some of the data that can be extracted from a memory image:

- Image information (date, time, CPU count);
- Running processes;
- Open network sockets and connections;
- OS kernel modules loaded;
- Memory maps for each process;
- Executable samples;
- Command history;
- Suspicious process mappings (i.e. injected code);
- Passwords, as LM/NTLM hashes and LSA secrets;
- Cached Truecrypt passphrases;
- Others.

Current version (2.6) supports investigations of the memory images from the following operating systems:

- 32-bit Windows XP Service Pack 2 and 3
- 32-bit Windows 2003 Server Service Pack 0, 1, 2
- 32-bit Windows Vista Service Pack 0, 1, 2
- 32-bit Windows 2008 Server Service Pack 1, 2 (there is no SP0)
- 32-bit Windows 7 Service Pack 0, 1
- 32-bit Windows 8, 8.1, and 8.1 Update 1
- 32-bit Windows 10 (initial support)
- 64-bit Windows XP Service Pack 1 and 2 (there is no SP0)
- 64-bit Windows 2003 Server Service Pack 1 and 2 (there is no SP0)
- 64-bit Windows Vista Service Pack 0, 1, 2
- 64-bit Windows 2008 Server Service Pack 1 and 2 (there is no SP0)
- 64-bit Windows 2008 R2 Server Service Pack 0 and 1
- 64-bit Windows 7 Service Pack 0 and 1
- 64-bit Windows 8, 8.1, and 8.1 Update 1
- 64-bit Windows Server 2012 and 2012 R2
- 64-bit Windows 10 (including at least 10.0.14393)
- 64-bit Windows Server 2016 (including at least 10.0.14393.0)
- 32-bit Linux kernels 2.6.11 to 4.2.3
- 64-bit Linux kernels 2.6.11 to 4.2.3
- 32-bit 10.5.x Leopard (the only 64-bit 10.5 is Server, which isn't supported)
- 32-bit 10.6.x Snow Leopard
- 64-bit 10.6.x Snow Leopard
- 32-bit 10.7.x Lion
- 64-bit 10.7.x Lion
- 64-bit 10.8.x Mountain Lion (there is no 32-bit version)
- 64-bit 10.9.x Mavericks (there is no 32-bit version)
- 64-bit 10.10.x Yosemite (there is no 32-bit version)
- 64-bit 10.11.x El Capitan (there is no 32-bit version)
- 64-bit 10.12.x Sierra (there is no 32-bit version)

Volatility supports a variety of sample file formats:

- Raw linear sample (dd)
- Hibernation file (from Windows 7 and earlier)
- Crash dump file
- VirtualBox ELF64 core dump
- VMware saved state and snapshot files
- EWF format (E01)
- LiME format
- Mach-O file format
- QEMU virtual machine dumps
- Firewire
- HPAK (FDPro)


Alternatives

| Package | Version | Architecture | Repository |
|---|---|---|---|
| volatility-tools_2.6.1-1_all.deb | 2.6.1 | all | Debian main |


Requirements

| Value | Name |
|---|---|
| - | python-crypto |
| - | python-distorm3 |
| - | python-openpyxl |
| - | python-pil |
| - | python-tz |
| - | python-yara |
| >= 2.4.1-1 | volatility-tools |
| << 2.8 | python:any |
| >= 2.7~ | python:any |


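How to install


Install the volatility deb package from the directory that contains the downloaded file. The leading ./ makes apt-get treat the argument as a local file rather than a package name:

    sudo apt-get install ./volatility_2.6.1-1_all.deb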


Files

Paths
./usr/lib/python2.7/dist-packages/volatility/__init__.py
./usr/lib/python2.7/dist-packages/volatility/addrspace.py
./usr/lib/python2.7/dist-packages/volatility/cache.py
./usr/lib/python2.7/dist-packages/volatility/commands.py
./usr/lib/python2.7/dist-packages/volatility/conf.py
./usr/lib/python2.7/dist-packages/volatility/constants.py
./usr/lib/python2.7/dist-packages/volatility/debug.py
./usr/lib/python2.7/dist-packages/volatility/dwarf.py
./usr/lib/python2.7/dist-packages/volatility/exceptions.py
./usr/lib/python2.7/dist-packages/volatility/fmtspec.py
./usr/lib/python2.7/dist-packages/volatility/obj.py
./usr/lib/python2.7/dist-packages/volatility/plugins/__init__.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/__init__.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/amd64.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/arm.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/crash.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/crashbmp.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/elfcoredump.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/hibernate.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/hpak.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/ieee1394.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/intel.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/lime.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/macho.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/osxpmemelf.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/paged.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/standard.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/vmem.py
./usr/lib/python2.7/dist-packages/volatility/plugins/addrspaces/vmware.py
./usr/lib/python2.7/dist-packages/volatility/plugins/bigpagepools.py
./usr/lib/python2.7/dist-packages/volatility/plugins/bioskbd.py
./usr/lib/python2.7/dist-packages/volatility/plugins/cmdline.py
./usr/lib/python2.7/dist-packages/volatility/plugins/common.py
./usr/lib/python2.7/dist-packages/volatility/plugins/connections.py
./usr/lib/python2.7/dist-packages/volatility/plugins/connscan.py
./usr/lib/python2.7/dist-packages/volatility/plugins/crashinfo.py
./usr/lib/python2.7/dist-packages/volatility/plugins/dlldump.py
./usr/lib/python2.7/dist-packages/volatility/plugins/drivermodule.py
./usr/lib/python2.7/dist-packages/volatility/plugins/dumpcerts.py
./usr/lib/python2.7/dist-packages/volatility/plugins/dumpfiles.py
./usr/lib/python2.7/dist-packages/volatility/plugins/envars.py
./usr/lib/python2.7/dist-packages/volatility/plugins/evtlogs.py
./usr/lib/python2.7/dist-packages/volatility/plugins/fileparam.py
./usr/lib/python2.7/dist-packages/volatility/plugins/filescan.py
./usr/lib/python2.7/dist-packages/volatility/plugins/getservicesids.py
./usr/lib/python2.7/dist-packages/volatility/plugins/getsids.py
./usr/lib/python2.7/dist-packages/volatility/plugins/gui/__init__.py
./usr/lib/python2.7/dist-packages/volatility/plugins/gui/atoms.py
./usr/lib/python2.7/dist-packages/volatility/plugins/gui/clipboard.py
./usr/lib/python2.7/dist-packages/volatility/plugins/gui/constants.py
... and 379 more