-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathvolatility3.sls
42 lines (37 loc) · 1.42 KB
/
volatility3.sls
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Name: Volatility 3
# Website: https://github.com/volatilityfoundation/volatility3
# Description: Memory forensics tool and framework
# Category: Perform Memory Forensics
# Author: The Volatility Foundation
# License: Volatility Software License: https://github.com/volatilityfoundation/volatility3/blob/master/LICENSE.txt
# Notes: Invoke using: vol3, volshell3. Before using, download symbols by following the links from https://github.com/volatilityfoundation/volatility3#symbol-tables and place them in `/usr/local/lib/python3.8/dist-packages/volatility3/framework/symbols`
{% set files = ['vol','volshell'] %}
include:
- remnux.packages.python3-virtualenv
remnux-python3-package-volatility3-venv:
virtualenv.managed:
- name: /opt/volatility3
- venv_bin: /usr/bin/virtualenv
- pip_pkgs:
- pip>=24.1.3
- setuptools>=70.0.0
- wheel>=0.38.4
- require:
- sls: remnux.packages.python3-virtualenv
remnux-python3-package-volatility3:
pip.installed:
- name: volatility3
- bin_env: /opt/volatility3/bin/python3
- upgrade: True
- require:
- virtualenv: remnux-python3-package-volatility3-venv
{% for file in files %}
remnux-python3-package-volatility3-symlink-{{ file }}:
file.symlink:
- name: /usr/local/bin/{{ file }}3
- target: /opt/volatility3/bin/{{ file }}
- force: True
- makedirs: False
- require:
- pip: remnux-python3-package-volatility3
{% endfor %}