-
Notifications
You must be signed in to change notification settings - Fork 81
Usage
KevTheHermit edited this page Apr 12, 2016
·
11 revisions
Basic Configuraion and Usage
Table of Contents
Third party plugins can be included in one of two ways.
- Add plugins to the VolUtility/plugins folder
- From the main page click 'Add Plugins' and enter the full path to the folder containing your plugins.
Profiles are required in order for volatility to correctly map memory. By default all windows profiels are included. Profiles for linux and mac are not provided but can be sourced or created.
- Link to vol profiles
- Link to create profiles page
Once you have a profile zip package they can be added in a simialr manner to plugins.
- Copy the zip in to VolUtility/plugins/overlays
- From the main page click 'Add Plugins' and enter the full path to teh folder containing your profiles. (must be in a subfolder labeled overlays)
Yara rules can be added to the VolUtility/yararules folder. If you want your rule to be included in teh 'all rules' scan. you will need to add it the index.yar file.