ikelos

If we wanted we could instead yield as the items are traversed. I haven't thought about which might be better?

> In the second case then yes it wouldn't go past the NULL entry, but in the first case it would construct an array the size of our large value...

Ok, so as I see it, there's two ways to (eventually) split this: * Extraction is a feature built-on top of the general module functionality, therefore the module functionality doesn't...

@Abyss-W4tcher I saw the lack of this PR was causing a few problems, and checked that it was waiting on #1801. That never got reviewed, so just languished there, so...

Please include a text file with the complete error trace from running volatility as `python vol.py -vvv ...` so we can see everything that went wrong. Are you able to...

You can ask volatility about which symbol tables it knows about using the `isfinfo` plugin, so if you put the packs in the correct location, `isfinfo` should tell you every...

The symbol packs are specific to the running kernel, which doesn't necessarily match up with specific versions of windows, so what you're asking for won't be possible (and wouldn't make...

As I say, the versions are a bit meaningless, because Volatility 3 works against kernels rather than versions. It also has support to work against *any* version of windows that...

ReactOS is not a supported operating system, so we've done no tests using it. I don't know whether the structures that we rely on for our plugins would have the...

I suspect this is a C++ library, it's been known for a while that pdbconv doesn't support this (see #650 and #540 ) but the work somewhat stalled because the...