Volatility OpenRelik worker

Overview

This worker runs a couple of basic plugins on a memory dump using the Volatility 3 framework, and outputs the results to a new file in the same folder. Plugins that dump files also dump results to the same folder.

Global settings

Yara rules (optional): Yara rules to pass on to the Yara scanner plugins.
OS group (optional, defaults to win): OS group to run plugins on (win,lin,macos)
Output format (optional, defaults to txt): Output format for the Volatility plugins.

OS group supported plugins

Windows

windows.info
windows.pslist - Will dump processes to the directory.
windows.pstree
windows.vadyarascan.VadYaraScan - Needs the Yara rules option to work.

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
.github/workflows		.github/workflows
.vscode		.vscode
src		src
tests		tests
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
demo.png		demo.png
docker-compose-snippet.yml		docker-compose-snippet.yml
poetry.lock		poetry.lock
pyproject.toml		pyproject.toml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Volatility OpenRelik worker

Overview

Global settings

OS group supported plugins

Windows

About

Releases 1

Packages

Languages

tomchop/openrelik-worker-volatility

Folders and files

Latest commit

History

Repository files navigation

Volatility OpenRelik worker

Overview

Global settings

OS group supported plugins

Windows

About

Resources

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages