carlospolop / autoVolatility

Licence: other
Run several volatility plugins at the same time

AutoVolatility

AutoVolatility is a script that runs several volatility plugins at the same time.

How to use

AutoVolatility will create a new folder in the output directory for each plugin executed.

You can run the "main" volatility plugins with:

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY

By default autoVolatility tries to execute volatility. If the volatility executable is not in your PATH or has a different name, you can set its location using the option -e:

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY -e /home/user/tools/volatility/vol.py

AutoVolatility will use the plugin "imageinfo" to figure out the profile to use. If you already know the profile, you can set it using the option -p:

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY -p WinXPSP2x86

If you want to run almost all the default plugins that come with volatility, you can use the option -a:

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY -a

By default autoVolatility uses 8 threads, but you can change it with the option -t

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY -t 16 # 16 threads

If you want autoVolatility to run other plugins, you can do so using the option -c:

python autoVolatility.py -f MEMFILE -d OUT_DIRECTORY -c amcache,auditpol,cachedump,clipboard,cmdline,cmdscan # Only these plugins will be executed
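
The behaviour described above (one output folder per plugin, a thread pool sized like -t, a comma-separated list like -c), sketched as an added example that is not autoVolatility's own code. The function names, the plugin-name pattern and the per-plugin output file name are assumptions; --profile and --dump-dir are Volatility 2 options. Each plugin is launched from an argv list without a shell, and list entries that are not bare plugin names are rejected.

```python
import re
import subprocess
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

# Plugins that write extracted files and therefore need --dump-dir.
DUMP_PLUGINS = {"dumpcerts", "dumpregistry", "dumpfiles"}
PLUGIN_NAME = re.compile(r"[a-z0-9_]+")  # assumed shape of a plugin name


def parse_plugin_list(raw):
    """Split a -c style list; reject anything that is not a bare plugin name."""
    names = [p.strip() for p in raw.split(",") if p.strip()]
    bad = [p for p in names if not PLUGIN_NAME.fullmatch(p)]
    if bad:
        raise ValueError(f"invalid plugin name(s): {bad}")
    return list(dict.fromkeys(names))  # de-duplicate, keep order


def build_argv(vol, memfile, profile, plugin, plugin_dir):
    """argv for one plugin; no shell is involved, so names are never interpreted."""
    argv = [vol, "-f", str(memfile), f"--profile={profile}", plugin]
    if plugin in DUMP_PLUGINS:
        argv.append(f"--dump-dir={plugin_dir}")
    return argv


def run_plugin(vol, memfile, profile, plugin, out_dir, runner=subprocess.run):
    """Run one plugin, writing its output into its own folder under out_dir."""
    plugin_dir = Path(out_dir) / plugin
    plugin_dir.mkdir(parents=True, exist_ok=True)
    argv = build_argv(vol, memfile, profile, plugin, plugin_dir)
    with open(plugin_dir / f"{plugin}.txt", "wb") as out:
        result = runner(argv, stdout=out, stderr=subprocess.STDOUT)
    return plugin, result.returncode


def run_all(vol, memfile, profile, plugins, out_dir, threads=8, runner=subprocess.run):
    """Run the plugins concurrently; returns {plugin: exit code}."""
    with ThreadPoolExecutor(max_workers=threads) as pool:
        jobs = [pool.submit(run_plugin, vol, memfile, profile, p, out_dir, runner)
                for p in plugins]
        return dict(job.result() for job in jobs)
```

A non-zero exit code in the returned mapping marks a plugin whose output folder should be checked before its results are relied on.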

The plugins executed by default are:

dump_plugins = ["dumpcerts", "dumpregistry", "dumpfiles", "dumpregistry"]

plugins = ["amcache", "auditpol", "cachedump", "clipboard", "cmdline", "cmdscan", "connections", "connscan", "consoles", "deskscan", "devicetree", "dlllist",
            "envars", "getservicesids", "handles", "hashdump", "hibinfo", "hivelist", "hivescan", "iehistory", "ldrmodules", "lsadump", "malfind", "mbrparser", "memmap", "mftparser", "modules", "notepad", 
            "privs", "pslist", "psscan", "pstree", "psxview", "qemuinfo", "servicediff", "sessions", "sockets", "sockscan", "ssdt", "strings", "svcscan", "symlinkscan", "thrdscan", "verinfo", "windows", "wintree"]

The plugins executed using the option -a are:

dump_plugins = ["dumpcerts", "dumpregistry", "dumpfiles", "dumpregistry"]


plugins_all = ["amcache", "apihooks", "atoms", "atomscan", "auditpol", "bigpools", "bioskbd", "cachedump", "callbacks", "clipboard", "cmdline", "cmdscan", "connections", "connscan", "consoles", "crashinfo",
                "deskscan", "devicetree", "dlldump", "dlllist", "driverirp", "drivermodule", "driverscan", "editbox", "envars", "eventhooks", "evtlogs", "filescan", 
                "gahti", "gditimers", "gdt", "getservicesids", "getsids", "handles", "hashdump", "hibinfo", "hivelist", "hivescan", "hpakextract", "hpakinfo", "idt", "iehistory", "imagecopy", "imageinfo",
                "joblinks", "kdbgscan", "kpcrscan", "ldrmodules", "lsadump", "malfind", "mbrparser", "memdump", "memmap", "messagehooks", "mftparser", "moddump", "modscan", "modules", "multiscan", "mutantscan",
                "notepad", "objtypescan", "patcher", "printkey", "privs", "procdump", "pslist", "psscan", "pstree", "psxview", "qemuinfo", "raw2dmp", "screenshot", "servicediff", "sessions", "shellbags", "shimcache",
                "shutdowntime", "sockets", "sockscan", "ssdt", "strings", "svcscan", "symlinkscan", "thrdscan", "threads", "timeliner", "timers", "truecryptmaster", "truecryptpassphrase", "truecryptsummary",
                "unloadedmodules", "userassist", "userhandles", "vaddump", "vadinfo", "vadtree", "vadwalk", "vboxinfo", "verinfo", "vmwareinfo", "windows", "wintree", "wndscan"]