Tools

Volatility 설치

1. 개념

Python 기반 Windows Memory Forensic Tool

 

2. 설치 환경

OS : Windows 10 Home 64-bit
Python : 2.7.14

 

3. 설치 방법

– python 2.7.14 설치
https://www.python.org/downloads/release/python-2714/

– pycrpto 설치
http://www.voidspace.org.uk/python/pycrypto-2.6.1/pycrypto-2.6.1.win-amd64-py2.7.msi

– distorm3 설치
easy_install distorm3

– yara-python-1.7.win-amd64-py2.7 설치
https://code.google.com/archive/p/yara-project/downloads

– Volatility 2.6 다운로드 : Volatility 2.6 Source Code (.zip) 다운로드, Not Standalone
http://www.volatilityfoundation.org/26
http://downloads.volatilityfoundation.org/releases/2.6/volatility-2.6.zip

– 다운받은 파일을 압축 해제 후 아래 경로로 복사
C:\Python27\Lib\site-packages
cd C:\Python27\Lib\site-packages\volatility-2.6\volatility-master
python setup.py build
python setup.py install

– 확인
python vol.py -h

manager

Subject

Computer Science
Cloud
Security
Investment

GitHub

GitHub
ⓒ Waterhouse. All Right Reserved 2017-2022. nullvszero@gmail.com | Theme: yaatra by CodeVibrant.
Back To Top