-
Notifications
You must be signed in to change notification settings - Fork 21
/
volatility3.sls
42 lines (37 loc) · 1.49 KB
/
volatility3.sls
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Name: Volatility 3
# Website: https://github.com/volatilityfoundation/volatility3
# Description: Memory forensics tool and framework
# Category: Perform Memory Forensics
# Author: The Volatility Foundation
# License: Volatility Software License: https://github.com/volatilityfoundation/volatility3/blob/master/LICENSE.txt
# Notes: Invoke using: vol3, volshell3. Before using, download symbols by following the links from https://github.com/volatilityfoundation/volatility3#symbol-tables and place them in `/usr/local/lib/python3.8/dist-packages/volatility3/framework/symbols`
include:
- remnux.packages.git
- remnux.python3-packages.pip
remnux-python3-packages-volatility3-requirements:
pip.installed:
- requirements: https://raw.githubusercontent.com/volatilityfoundation/volatility3/develop/requirements.txt
- bin_env: /usr/bin/python3
remnux-python3-packages-volatility3:
pip.installed:
- name: volatility3
- bin_env: /usr/bin/python3
- require:
- sls: remnux.packages.git
- sls: remnux.python3-packages.pip
remnux-python3-packages-volatility-rename-vol:
file.rename:
- name: /usr/local/bin/vol3
- source: /usr/local/bin/vol
- force: true
- makedirs: True
- watch:
- pip: remnux-python3-packages-volatility3
remnux-python3-packages-volatility-rename-volshell:
file.rename:
- name: /usr/local/bin/volshell3
- source: /usr/local/bin/volshell
- force: true
- makedirs: True
- watch:
- pip: remnux-python3-packages-volatility3