Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / volatilityfoundation/volatility3 issues and pull requests

#1355 - Missing Vol3 plugins

Issue - State: closed - Opened by wilsq36 7 days ago - 8 comments

#1354 - New Linux plugin: fbdev graphics API

Pull Request - State: open - Opened by Abyss-W4tcher 7 days ago

#1353 - Add first version of regex scanning plugins

Pull Request - State: open - Opened by eve-mem 8 days ago - 1 comment

#1349 - Possible bug using linux.pagecache.InodePages to extract files

Issue - State: closed - Opened by PNW-Hacker 11 days ago - 7 comments

#1348 - Linux: Add kthreads plugin to enumerate kernel threads start address

Pull Request - State: closed - Opened by gcmoreira 11 days ago - 2 comments

#1348 - Linux: Add kthreads plugin to enumerate kernel threads start address

Pull Request - State: closed - Opened by gcmoreira 11 days ago - 2 comments

#1347 - Volshell: add regex_scan

Pull Request - State: closed - Opened by eve-mem 11 days ago

#1346 - Linux - miscellaneous fixes

Pull Request - State: closed - Opened by gcmoreira 11 days ago

#1345 - Environment variable for the Microsoft Symbol Server URL

Pull Request - State: closed - Opened by mischw 11 days ago - 3 comments

#1344 - Add method to read inode content into memory

Pull Request - State: closed - Opened by joren485 14 days ago - 14 comments
Labels: parity-release

#1344 - Add method to read inode content into memory

Pull Request - State: closed - Opened by joren485 14 days ago - 14 comments
Labels: parity-release

#1343 - Improve argparse output readability and simplify plugin name invocation

Pull Request - State: open - Opened by lesander 15 days ago - 6 comments

#1343 - Improve argparse output readability and simplify plugin name invocation

Pull Request - State: open - Opened by lesander 15 days ago - 6 comments

#1342 - Update pyproject.toml and remove requirements and setup files

Pull Request - State: open - Opened by lesander 15 days ago - 5 comments

#1342 - Update pyproject.toml and remove requirements and setup files

Pull Request - State: open - Opened by lesander 15 days ago - 5 comments

#1341 - Fix typo in SuspiciousThreads

Pull Request - State: closed - Opened by joren485 15 days ago - 1 comment
Labels: parity-release

#1341 - Fix typo in SuspiciousThreads

Pull Request - State: closed - Opened by joren485 15 days ago - 1 comment
Labels: parity-release

#1340 - Print plugin description on plugin --help

Pull Request - State: closed - Opened by joren485 15 days ago
Labels: parity-release

#1340 - Print plugin description on plugin --help

Pull Request - State: closed - Opened by joren485 15 days ago
Labels: parity-release

#1339 - Core: Limit capstone to compatible versions

Pull Request - State: closed - Opened by ikelos 15 days ago

#1338 - Introduce scatter-gather scatterlists

Pull Request - State: open - Opened by Abyss-W4tcher 15 days ago

#1338 - Introduce scatter-gather scatterlists

Pull Request - State: open - Opened by Abyss-W4tcher 15 days ago

#1337 - Improve windows.amcache plugin description

Pull Request - State: closed - Opened by joren485 15 days ago - 1 comment

#1336 - Capstone >= 6.0.0 breaks current APIs

Issue - State: closed - Opened by Abyss-W4tcher 15 days ago - 3 comments

#1336 - Capstone >= 6.0.0 breaks current APIs

Issue - State: closed - Opened by Abyss-W4tcher 15 days ago - 3 comments

#1334 - Registry layer relies on standard plugin

Issue - State: open - Opened by ikelos 16 days ago

#1333 - Improve automagic classes selection

Issue - State: open - Opened by gcmoreira 17 days ago - 1 comment

#1333 - Improve automagic classes selection

Issue - State: open - Opened by gcmoreira 17 days ago - 1 comment

#1331 - Unable to automatically download necessary files to ntkrnlmp.pdb

Issue - State: open - Opened by Etopop 22 days ago - 2 comments

#1330 - New linux plugin: modxview

Pull Request - State: open - Opened by Abyss-W4tcher 23 days ago - 8 comments
Labels: parity-release

#1329 - linux: hidden_modules: Fix mess with merge #1283

Pull Request - State: closed - Opened by gcmoreira 23 days ago - 2 comments

#1329 - linux: hidden_modules: Fix mess with merge #1283

Pull Request - State: closed - Opened by gcmoreira 23 days ago - 2 comments

#1328 - Linux refactory module extension object mod_mem_type cache

Pull Request - State: closed - Opened by gcmoreira 24 days ago - 1 comment

#1327 - Linux: vfsmount type: Fix type comparison

Pull Request - State: closed - Opened by gcmoreira 24 days ago

#1327 - Linux: vfsmount type: Fix type comparison

Pull Request - State: closed - Opened by gcmoreira 24 days ago

#1326 - Linux: PageCache API: Fix typing

Pull Request - State: closed - Opened by gcmoreira 24 days ago

#1326 - Linux: PageCache API: Fix typing

Pull Request - State: closed - Opened by gcmoreira 24 days ago

#1325 - Question - Does Volatility Support DumpIt compressed zdmp?

Issue - State: open - Opened by createchange 24 days ago - 7 comments
Labels: enhancement

#1324 - pedump help message doesn't match flag

Issue - State: open - Opened by superponible 24 days ago - 1 comment

#1324 - pedump help message doesn't match flag

Issue - State: open - Opened by superponible 24 days ago - 1 comment

#1323 - Linux: netfilter plugin: Fix hooked field to match Volatility2 output

Pull Request - State: closed - Opened by gcmoreira 25 days ago - 4 comments
Labels: parity-release

#1321 - Generic: Add first attempt at pgdscan plugin

Pull Request - State: open - Opened by eve-mem 28 days ago - 2 comments

#1320 - Linux: Extensions - removes abc.Iterable definition

Pull Request - State: closed - Opened by dgmcdona 29 days ago - 5 comments

#1319 - Support multiple offsets in dumpfiles

Issue - State: open - Opened by atcuno 29 days ago
Labels: parity-release

#1318 - Allow to import external locals in volshell environment

Pull Request - State: closed - Opened by Abyss-W4tcher about 1 month ago - 1 comment

#1317 - Linux - Boottime support

Pull Request - State: closed - Opened by gcmoreira about 1 month ago - 5 comments
Labels: parity-release

#1316 - Enable Remote ISF server for Linux testcases

Pull Request - State: open - Opened by gcmoreira about 1 month ago - 8 comments

#1315 - dwarf2json rust type confusion sanity check

Pull Request - State: closed - Opened by Abyss-W4tcher about 1 month ago

#1314 - Linux adds hlist_head object extension

Pull Request - State: closed - Opened by gcmoreira about 1 month ago - 3 comments
Labels: parity-release

#1313 - Linux: pagecache broken on kernel versions >= 6.8

Issue - State: closed - Opened by dgmcdona about 1 month ago - 1 comment
Labels: parity-release

#1312 - Cannot extract files/processes from memory sample in linux

Issue - State: open - Opened by SolitudePy about 1 month ago - 17 comments
Labels: enhancement, linux/mac, plugin-request

#1311 - Linux - Add support for task threads in kernels >= 6.7

Pull Request - State: closed - Opened by gcmoreira about 1 month ago
Labels: parity-release

#1310 - Framework: Add 'Data' type to base types

Pull Request - State: open - Opened by dgmcdona about 1 month ago - 3 comments
Labels: parity-release

#1309 - --filters parameter can break JSONL renderer

Issue - State: open - Opened by dgmcdona about 1 month ago - 1 comment

#1308 - Linux: Netfilter - fix traceback on missing module name

Pull Request - State: closed - Opened by dgmcdona about 1 month ago - 1 comment

#1307 - Windows: Adds scheduled tasks plugin

Pull Request - State: closed - Opened by dgmcdona about 1 month ago - 1 comment
Labels: parity-release

#1306 - Release/v2.8.0

Pull Request - State: closed - Opened by ikelos about 1 month ago

#1305 - Add in dwarf2json warning about sybmols with rust namespace

Pull Request - State: closed - Opened by ikelos about 1 month ago - 6 comments

#1304 - Support hiding columns in the CLI

Pull Request - State: closed - Opened by ikelos about 2 months ago

#1302 - windows.pstree output too much data. Support hiding columns

Issue - State: closed - Opened by atcuno about 2 months ago - 3 comments
Labels: parity-release

#1301 - Fix black stable version issue with Python 3.8

Pull Request - State: closed - Opened by gcmoreira about 2 months ago - 2 comments

#1300 - [plugin] Add dirty state IoC detection to malfind

Pull Request - State: closed - Opened by Abyss-W4tcher about 2 months ago - 6 comments

#1299 - #1298 - include hive name in key path

Pull Request - State: closed - Opened by superponible about 2 months ago - 1 comment
Labels: parity-release

#1298 - printkey output confusing when key not found

Issue - State: closed - Opened by superponible about 2 months ago
Labels: parity-release

#1297 - refs #1296 sort volshell methods alphabetically in hh() output

Pull Request - State: closed - Opened by iMHLv2 about 2 months ago

#1296 - Sort volshell methods alphabetically

Issue - State: closed - Opened by iMHLv2 about 2 months ago - 1 comment

#1295 - Docs: Add warning around LiME raw format

Pull Request - State: closed - Opened by eve-mem about 2 months ago - 1 comment

#1294 - Understand then document or fix why some plugins don't work with --config

Issue - State: open - Opened by atcuno about 2 months ago - 14 comments
Labels: parity-release

#1293 - #1292 - use correct sector size for DataSectionObject file dumping

Pull Request - State: closed - Opened by superponible about 2 months ago
Labels: parity-release

#1292 - Dumpfiles uses incorrect sector size for DataSectionObject

Issue - State: closed - Opened by superponible about 2 months ago
Labels: bug

#1291 - Supporting Linux symbol tables converted from Vol2 or made for kernels without full vmlinux available

Issue - State: open - Opened by atcuno about 2 months ago - 16 comments
Labels: parity-release

#1290 - Windows: unloadedmodules bugfix

Pull Request - State: closed - Opened by dgmcdona about 2 months ago
Labels: parity-release

#1289 - Linux: Properly get paths in simple_dname paths

Pull Request - State: closed - Opened by dgmcdona about 2 months ago
Labels: parity-release

#1288 - Add Linux ptrace plugin

Pull Request - State: closed - Opened by gcmoreira about 2 months ago - 2 comments
Labels: parity-release

#1287 - Plugins: Yarascan + Vadyarascan Context

Pull Request - State: open - Opened by dgmcdona about 2 months ago - 7 comments
Labels: parity-release

#1286 - Add detection of malicious ftrace and tracepoints

Issue - State: open - Opened by atcuno about 2 months ago - 4 comments
Labels: parity-release

#1284 - Fix misuse of all() and any() functions across the codebase

Pull Request - State: closed - Opened by gcmoreira about 2 months ago - 1 comment
Labels: parity-release

#1283 - Add linux hidden_modules plugin

Pull Request - State: closed - Opened by gcmoreira about 2 months ago - 16 comments
Labels: parity-release

#1282 - System CR3 is not being found on some Hyper-V dumps

Issue - State: closed - Opened by nbodea about 2 months ago - 3 comments

#1280 - Regrading volatility plugin IDT

Issue - State: open - Opened by Balaji2520 about 2 months ago - 4 comments

#1279 - Linux: Sockstat - adds pytest

Pull Request - State: closed - Opened by dgmcdona about 2 months ago - 3 comments
Labels: parity-release

#1278 - Linux: Sockstat - fix incorrect version bump

Pull Request - State: closed - Opened by dgmcdona about 2 months ago - 2 comments

#1277 - Windows: Netscan - fix missing TCP connections

Pull Request - State: closed - Opened by dgmcdona about 2 months ago - 1 comment

#1276 - Windows: Callbacks - fixes bad callback validity check

Pull Request - State: closed - Opened by dgmcdona about 2 months ago - 1 comment

#1275 - IndexError: Member not present in template: PrcbData

Issue - State: closed - Opened by Balaji2520 about 2 months ago - 1 comment

#1274 - Ensure the class for Modules is stored in the configruation

Pull Request - State: closed - Opened by ikelos about 2 months ago - 7 comments

#1273 - Windows: psxview win10 bugfix

Pull Request - State: closed - Opened by dgmcdona about 2 months ago