Installs Volatility 2.6 (+ all dependencies) for Ubuntu (+ other APT-based distros) with one command.
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 10 commits ahead, 7 commits behind 4n6k:master.
wzod Update README

- Fixed sections (Markdown)
Latest commit a1a38dc Mar 17, 2017

Install Volatility 2.6 for Linux with one command.


Volatility is an open source framework for analyzing volatile memory (reference: ). This script installs volatility and all required dependencies leveraging the bash shell.

With this script, you can:

  1. Skip all of the dependency frustration
  2. Build volatility and the required dependencies from source
  3. Run the latest version of Volatility


An internet connection and a Debian-based Linux distribution. This script has been tested on stock Ubuntu 16.04 and Ubuntu 14.04. Some testing has been done to support SIFT Workstation 3.0.


  • Downloads, verifies, extracts, and installs source archives for everything you will need to complete a full installation of Volatility 2.6:
    • Volatility 2.6
    • diStorm3
    • Yara (+ magic module) + Yara-Python
    • PyCrypto
    • Python Imaging Library + Library Fixes
    • OpenPyxl
    • ujson
    • pytz
  • Adds "" to your system PATH so that you can run Volatility from any location.


You can download the script from the following GitHub page:

SHA256 Hash: 95805fde782753dac6473221264d5ba21b006d84ff47014b53eb81876791881e


Volatility will be installed to the directory you specify.

  • From a terminal, run:
    • sudo bash /home/$USER

In the above example, the following directories will be created:

  • /home/$USER/volatility_setup
    • Contains dependency source code and the install_log.txt file.
  • /home/$USER/volatility_2.6
    • Contains the Volatility 2.6 install.


If you see a problem with the code or can suggest improvements, please add an issue for tracking (suggestions are always welcomed, too!).


Thanks to the Volatility team for all of their contribtions and advancing the field of memory forensics. Go to for more info.

Special shout-out to @4n6k for the inspiration and contributions with (see, which was the origination of a large portion of the volatility_installer script. @4n6k's script was also the catalyst for putting together the installer script for MASTIFF (see ).