volatility3-symbols
volatility3-symbols copied to clipboard
Memory mapping profiles for forensic analysis using volatility 3
Volatility3 symbols for for forensic analysis using volatility.
Despite hours of work, all of these 637 symbols are generated and shared for free. So if you find this project useful, please ⭐ this repo or support my work on patreon.
If you're using volatility 2, you should check out volatility2-profiles.
Installation
Each of these symbols is packaged as a compressed .json.xz
file. You can enable them individually in your Volatility installation by copying:
- Linux symbols in
volatility3/symbols/linux/
- Mac symbols in
volatility3/symbols/mac/
- Windows symbols in
volatility3/symbols/windows/
:warning: Only enable the symbols you plan to use. If you copy all symbol files into the aforementioned directories, Volatility will be extremely slow to load.
More information about volatility3 symbol tables:
- https://volatility3.readthedocs.io/en/latest/symbol-tables.html
- https://volatility3.readthedocs.io/en/latest/vol2to3.html#symbols-and-types
Issues
:warning: These symbols are automatically generated and may not be fully tested (or tested at all). Use at your own risk. If you encounter problems, please report them through the issue tracker: https://github.com/p0dalirius/volatility3-symbols/issues.