Tweet
Volatility Workbench v3.0.1007, based on Volatility 3 2.7.0, has been released:
https://www.osforensics.com/tools/vo...workbench.html
Any feedback is welcome.
https://www.osforensics.com/tools/vo...workbench.html
Any feedback is welcome.
-
-
thank you so much simonComment
-
I am unable to see all plugins in Volatility Workbench 3, such as the Dump plugins. Are there any specific requirements needed?
Comment
-
Hi,
I've encountered an issue with Volatility Workbench 3 where not all plugins, such as the Dump plugins, are visible (as mentioned above). Despite trying two different versions, including the latest one, the problem persists. Are there any solutions or specific requirements needed to resolve this issue?
Comment
-
There are no additional requirements, some commands were disabled probably due to not working properly within the workbench.
Testing some of the disabled commands seem to work ok. We'll look at re-enabling them in a future release.
As a alternative, you can run all commands through vol.exe until then.Comment
-
Great, thank you for the update.Comment
-
Volatility 3 2.8.0 Latest- New plugins:
- vmscan
- linux.netfilter
- windows.hollowprocesses
- windows.kpcrs
- windows.pedump
- windows.processghosting
- windows.psxview
- windows.registry.getcellroutine
- windows.shimcachemem
- windows.suspicious_threads
- windows.svcdiff
- windows.svclist
- windows.threads
- windows.timers
- windows.unloadedmodules
- Improvements to:
- userassist with timeliner support
- bugfixes and additions to windows.modules and windows.modscan
- windows.callbacks plugin to support more callbacks
- Smear protection on windows
- Clearing the cache
- Intel layer
- Clang no longer using long unsigned int for pointers
- argcomplete support
Volatility 3 now uses features that require a minimum version of python >= 3.7.3.
I would love to get my hands on a new windows binary soon.
Kind RegardsComment
- New plugins:
Comment