Feature: implement DeviceTree plugin.

[digitalisx]

Description

Hello, everyone in the community! 😃
There are some plugins that have not been implemented as they are updated from Volatility 2 to 3.
After reviewing this #118, I found that DeviceTree plugin has not yet migrated to 3.
So I'm implemented (or porting) of DeviceTree plugin according to the Volatility 3 structure.

It was implemented so that the same results as Volatility 2 can be obtained by referring to the existing code.

Command

Help Command

> python3 vol.py -h
windows.devicetree.DeviceTree Listing tree based on drivers and attached devices in a particular windows memory image.

Run Command

python3 vol.py -f case.vmem windows.devicetree

Output Example

Volatility 3 Framework 2.0.2
Progress:  100.00               PDB scanning finished                        
Offset  Type    DriverName      DeviceName      DeviceType
0x97065bd32e20  DRV     HDAudBus        N/A     N/A
* 0x97065bd32e20        DEV     HDAudBus        00000070        FILE_DEVICE_SOUND
** 0x97065bd32e20       ATT     HDAudBus        00000071 - \Driver\HdAudAddService      FILE_DEVICE_KS
*** 0x97065bd32e20      ATT     HDAudBus        00000072 - \Driver\ksthunk      FILE_DEVICE_KS
0x97065bd36060  DRV     usbehci N/A     N/A
* 0x97065bd36060        DEV     usbehci USBPDO-2        FILE_DEVICE_BUS_EXTENDER
** 0x97065bd36060       ATT     usbehci 0000006f - \Driver\usbhub       UNKNOWN
0x97065bd369c0  DRV     gencounter      N/A     N/A
* 0x97065bd369c0        DEV     gencounter      VmGenerationCounter     FILE_DEVICE_UNKNOWN
0x97065bd5a300  DRV     e1i65x64        N/A     N/A
* 0x97065bd5a300        DEV     e1i65x64        INTELPRO_{2CF4C691-FB21-4D9A-8CEA-F5AD9232FC61} FILE_DEVICE_NETWORK

If you are interested in or have any comments on this PR, please feel free to leave a thread! 🙌

[ikelos]

Awesome, this looks really good, thanks! 5:) There's a few little bits and pieces that need tidying and a couple of bigger things that we might think about doing in the future, but for now if we get the small stuff cleaned up I'd be happy to merge it... 5:)

[ikelos]

Some additional comments, generally I think we're both in agreement on everything (and I misunderstood what was going on in one part). 5:)

[digitalisx]

Hello @ikelos,
Thank you for your review! 😊

I thought about the feedback you gave me and changed the code through various experiments.
Some codes have been modified directly for feedback, but others have probably been changed indirectly.
I hope you will like my new proposal.

If you have any comments on this PR, please feel free to leave a thread! 🙌

[ikelos]

Thanks very much for all the changes, this looks good! 5:D