[Vol-users] Need help: Can anyone provide information about plug-ins for volatility framework, especially used for Linux

Mike Auty mike.auty at gmail.com
Sat Jan 2 18:33:48 CST 2010


Just a sidenote,

The linux code in the Volatility_1.4_beta1 and experimental branches is
from the old codebase (Volatility_1.3) and currently won't work with
1.4.  None of the plugins available for 1.4 work against a linux system,
and I'd strongly encourage anyone trying to learn about plugins to avoid
looking in there (if anything, I should remove it, but it was left there
as a kind of broken still-to-port list).  5:)

If you're interested in writing plugins for the current stable codebase,
you should be look at the code in trunk, or any of the Volatility_1.3
branches.  This codebase includes some linux support, although I haven't
tested it myself.  This codebase has a slightly different set of
commands to use, so writing a plugin for the 1.3 branch won't work with
1.4/experimental and vice versa.

Having said that, the volatility 1.4 branch should make programming
plugins quite a bit easier, once you understand how the new framework
works.  5:)  I'd recommend reading through the existing 1.4 plugins in
the plugin directory, and asking questions on IRC to learn about those
areas, and if you're interested in writing linux plugins, then talk to
us about helping to get linux support going properly in the
1.4/experimental branches...

I hope that clears things up a little at least!  5:)

Mike  5:)


More information about the Vol-users mailing list