[Forensics-changes] [volatility] branch upstream updated (831b314 -> 4997efe)
Joao Eriberto Mota Filho
eriberto at moszumanska.debian.org
Tue Oct 28 13:19:42 UTC 2014
This is an automated email from the git hooks/post-receive script.
eriberto pushed a change to branch upstream
in repository volatility.
from 831b314 Adding upstream version 2.3.1.
new 4997efe Imported Upstream version 2.4
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
CHANGELOG.txt | 8 +-
CREDITS.txt | 12 +
LEGAL.txt | 7 +-
LICENSE.txt | 10 -
PKG-INFO | 2 +-
README.txt | 612 +-
contrib/plugins/disablewarnings.py | 7 +-
contrib/plugins/enumfunc.py | 7 +-
contrib/plugins/example.py | 7 +-
contrib/plugins/pagecheck.py | 7 +-
contrib/plugins/psdispscan.py | 7 +-
contrib/plugins/scanprof.py | 7 +-
contrib/plugins/verinfo.py | 408 -
pyinstaller.spec | 2 +-
pyinstaller/hook-distorm3.py | 10 +-
setup.py | 7 +-
tools/linux/Makefile | 6 +-
tools/linux/module.c | 87 +-
tools/mac/convert.py | 12 +-
tools/mac/mac_create_all_profiles.py | 133 +
tools/vtype_diff.py | 7 +-
vol.py | 18 +-
volatility.egg-info/PKG-INFO | 2 +-
volatility.egg-info/SOURCES.txt | 94 +-
volatility/addrspace.py | 41 +-
volatility/cache.py | 7 +-
volatility/commands.py | 13 +-
volatility/constants.py | 9 +-
volatility/debug.py | 7 +-
volatility/dwarf.py | 7 +-
volatility/exceptions.py | 7 +-
volatility/fmtspec.py | 7 +-
volatility/obj.py | 30 +-
volatility/plugins/addrspaces/amd64.py | 7 +-
volatility/plugins/addrspaces/arm.py | 7 +-
volatility/plugins/addrspaces/crash.py | 24 +-
volatility/plugins/addrspaces/crashbmp.py | 120 +
.../addrspaces/{vboxelf.py => elfcoredump.py} | 55 +-
volatility/plugins/addrspaces/hibernate.py | 7 +-
volatility/plugins/addrspaces/hpak.py | 44 +-
volatility/plugins/addrspaces/ieee1394.py | 15 +-
volatility/plugins/addrspaces/intel.py | 18 +-
volatility/plugins/addrspaces/lime.py | 7 +-
volatility/plugins/addrspaces/macho.py | 117 +-
volatility/plugins/addrspaces/osxpmemelf.py | 72 +
volatility/plugins/addrspaces/paged.py | 7 +-
volatility/plugins/addrspaces/standard.py | 12 +-
volatility/plugins/addrspaces/vmem.py | 124 +
volatility/plugins/addrspaces/vmware.py | 53 +-
volatility/plugins/bigpagepools.py | 200 +
volatility/plugins/bioskbd.py | 7 +-
volatility/plugins/cmdline.py | 33 +
volatility/plugins/common.py | 124 +-
volatility/plugins/connections.py | 7 +-
volatility/plugins/connscan.py | 59 +-
volatility/plugins/crashinfo.py | 13 +-
volatility/plugins/dlldump.py | 13 +-
volatility/plugins/dumpcerts.py | 13 +-
volatility/plugins/dumpfiles.py | 45 +-
volatility/plugins/envars.py | 74 +-
volatility/plugins/evtlogs.py | 20 +-
volatility/plugins/fileparam.py | 7 +-
volatility/plugins/filescan.py | 476 +-
volatility/plugins/getservicesids.py | 11 +-
volatility/plugins/getsids.py | 40 +-
volatility/plugins/gui/atoms.py | 72 +-
volatility/plugins/gui/clipboard.py | 7 +-
volatility/plugins/gui/constants.py | 7 +-
volatility/plugins/gui/desktops.py | 7 +-
volatility/plugins/gui/eventhooks.py | 7 +-
volatility/plugins/gui/gahti.py | 8 +-
volatility/plugins/gui/gditimers.py | 15 +-
volatility/plugins/gui/messagehooks.py | 7 +-
volatility/plugins/gui/screenshot.py | 7 +-
volatility/plugins/gui/sessions.py | 7 +-
volatility/plugins/gui/userhandles.py | 7 +-
volatility/plugins/gui/vtypes/vista.py | 7 +-
volatility/plugins/gui/vtypes/win2003.py | 7 +-
volatility/plugins/gui/vtypes/win7.py | 9 +-
volatility/plugins/gui/vtypes/win8.py | 220 +
volatility/plugins/gui/vtypes/xp.py | 7 +-
volatility/plugins/gui/win32k_core.py | 49 +-
volatility/plugins/gui/windows.py | 7 +-
volatility/plugins/gui/windowstations.py | 81 +-
volatility/plugins/handles.py | 13 +-
volatility/plugins/heaps.py | 34 +
volatility/plugins/hibinfo.py | 7 +-
volatility/plugins/hpakinfo.py | 16 +-
volatility/plugins/iehistory.py | 20 +-
volatility/plugins/imagecopy.py | 26 +-
volatility/plugins/imageinfo.py | 16 +-
volatility/plugins/joblinks.py | 95 +
volatility/plugins/kdbgscan.py | 43 +-
volatility/plugins/kpcrscan.py | 7 +-
volatility/plugins/linux/apihooks.py | 163 +
volatility/plugins/linux/arp.py | 16 +-
volatility/plugins/linux/banner.py | 7 +-
volatility/plugins/linux/bash.py | 48 +-
volatility/plugins/linux/bash_hash.py | 137 +
volatility/plugins/linux/check_afinfo.py | 8 +-
volatility/plugins/linux/check_creds.py | 7 +-
volatility/plugins/linux/check_evt_arm.py | 7 +-
volatility/plugins/linux/check_fops.py | 24 +-
volatility/plugins/linux/check_idt.py | 11 +-
volatility/plugins/linux/check_inline_kernel.py | 311 +
volatility/plugins/linux/check_modules.py | 18 +-
volatility/plugins/linux/check_syscall.py | 104 +-
volatility/plugins/linux/check_syscall_arm.py | 7 +-
volatility/plugins/linux/common.py | 55 +-
volatility/plugins/linux/cpuinfo.py | 14 +-
volatility/plugins/linux/dentry_cache.py | 7 +-
volatility/plugins/linux/dmesg.py | 7 +-
volatility/plugins/linux/dump_map.py | 7 +-
volatility/plugins/linux/elfs.py | 57 +
.../{mac/version.py => linux/enumerate_files.py} | 29 +-
volatility/plugins/linux/find_file.py | 88 +-
volatility/plugins/linux/flags.py | 7 +-
volatility/plugins/linux/hidden_modules.py | 86 +
volatility/plugins/linux/ifconfig.py | 21 +-
volatility/plugins/linux/info_regs.py | 138 +
volatility/plugins/linux/iomem.py | 9 +-
volatility/plugins/linux/kernel_opened_files.py | 127 +
...{keyboard_notifier.py => keyboard_notifiers.py} | 21 +-
.../plugins/linux/{lsof.py => ldrmodules.py} | 40 +-
volatility/plugins/linux/libc_env.py | 115 +
volatility/plugins/linux/library_list.py | 53 +
volatility/plugins/linux/librarydump.py | 76 +
volatility/plugins/linux/{banner.py => lime.py} | 51 +-
volatility/plugins/linux/linux_strings.py | 113 +
volatility/plugins/linux/linux_truecrypt.py | 144 +
volatility/plugins/linux/linux_volshell.py | 23 +-
volatility/plugins/linux/linux_yarascan.py | 43 +-
volatility/plugins/linux/list_raw.py | 133 +
volatility/plugins/linux/lsmod.py | 680 +-
volatility/plugins/linux/lsof.py | 27 +-
volatility/plugins/linux/malfind.py | 77 +
volatility/plugins/linux/mount.py | 135 +-
volatility/plugins/linux/mount_cache.py | 7 +-
volatility/plugins/linux/netfiler.py | 75 +
volatility/plugins/linux/netstat.py | 77 +-
volatility/plugins/linux/pidhashtable.py | 7 +-
volatility/plugins/linux/pkt_queues.py | 9 +-
volatility/plugins/linux/plthook.py | 144 +
volatility/plugins/linux/proc_maps.py | 20 +-
.../plugins/linux/{psaux.py => proc_maps_rb.py} | 18 +-
volatility/plugins/linux/procdump.py | 115 +
volatility/plugins/linux/process_hollow.py | 123 +
volatility/plugins/linux/process_info.py | 781 +
volatility/plugins/linux/process_stack.py | 853 +
volatility/plugins/linux/psaux.py | 7 +-
volatility/plugins/linux/{psaux.py => psenv.py} | 10 +-
volatility/plugins/linux/pslist.py | 36 +-
volatility/plugins/linux/pslist_cache.py | 7 +-
volatility/plugins/linux/pstree.py | 7 +-
volatility/plugins/linux/psxview.py | 29 +-
volatility/plugins/linux/recover_filesystem.py | 108 +
volatility/plugins/linux/route_cache.py | 32 +-
volatility/plugins/linux/sk_buff_cache.py | 7 +-
volatility/plugins/linux/slab_info.py | 12 +-
volatility/plugins/linux/threads.py | 38 +
volatility/plugins/linux/tmpfs.py | 20 +-
volatility/plugins/linux/tty_check.py | 19 +-
volatility/plugins/linux/vma_cache.py | 7 +-
volatility/plugins/mac/adiummsgs.py | 137 +
volatility/plugins/mac/apihooks.py | 227 +
volatility/plugins/mac/apihooks_kernel.py | 520 +
volatility/plugins/mac/arp.py | 7 +-
volatility/plugins/{linux => mac}/bash.py | 156 +-
volatility/plugins/mac/bash_env.py | 128 +
volatility/plugins/mac/bash_hash.py | 303 +
volatility/plugins/mac/calendar.py | 119 +
volatility/plugins/mac/check_mig_table.py | 67 +
volatility/plugins/mac/check_syscall_shadow.py | 109 +
volatility/plugins/mac/check_syscall_table.py | 56 +-
volatility/plugins/mac/check_sysctl.py | 51 +-
volatility/plugins/mac/check_trap_table.py | 16 +-
volatility/plugins/mac/common.py | 57 +-
volatility/plugins/mac/contacts.py | 67 +
volatility/plugins/mac/dead_procs.py | 7 +-
volatility/plugins/mac/dead_sockets.py | 81 +
.../plugins/mac/{dead_procs.py => dead_vnodes.py} | 27 +-
.../plugins/mac/{proc_maps.py => dlyd_maps.py} | 39 +-
volatility/plugins/mac/dmesg.py | 7 +-
volatility/plugins/mac/dump_files.py | 61 +
volatility/plugins/mac/dump_map.py | 65 +-
volatility/plugins/mac/find_aslr_shift.py | 7 +-
volatility/plugins/mac/gkextmap.py | 91 +
volatility/plugins/mac/ifconfig.py | 7 +-
volatility/plugins/mac/ip_filters.py | 7 +-
volatility/plugins/mac/keychaindump.py | 78 +
volatility/plugins/mac/ldrmodules.py | 108 +
volatility/plugins/mac/librarydump.py | 75 +
.../mac/{print_boot_cmdline.py => list_files.py} | 35 +-
volatility/plugins/mac/list_zones.py | 7 +-
volatility/plugins/mac/lsmod.py | 25 +-
volatility/plugins/mac/lsmod_iokit.py | 77 +
volatility/plugins/mac/lsof.py | 20 +-
volatility/plugins/mac/mac_strings.py | 113 +
volatility/plugins/mac/mac_volshell.py | 26 +-
volatility/plugins/mac/mac_yarascan.py | 47 +-
volatility/plugins/mac/machine_info.py | 7 +-
volatility/plugins/mac/malfind.py | 82 +
volatility/plugins/mac/memdump.py | 65 +
volatility/plugins/mac/moddump.py | 90 +
volatility/plugins/mac/mount.py | 7 +-
volatility/plugins/mac/netconns.py | 103 +
volatility/plugins/mac/netstat.py | 11 +-
volatility/plugins/mac/notesapp.py | 109 +
volatility/plugins/mac/notifiers.py | 37 +-
volatility/plugins/mac/pgrp_hash_table.py | 7 +-
volatility/plugins/mac/pid_hash_table.py | 7 +-
volatility/plugins/mac/print_boot_cmdline.py | 7 +-
volatility/plugins/mac/proc_maps.py | 13 +-
volatility/plugins/mac/procdump.py | 107 +
volatility/plugins/mac/psaux.py | 7 +-
volatility/plugins/mac/pslist.py | 7 +-
volatility/plugins/mac/pstasks.py | 40 +-
volatility/plugins/mac/pstree.py | 7 +-
volatility/plugins/mac/psxview.py | 9 +-
volatility/plugins/mac/recover_filesystem.py | 115 +
volatility/plugins/mac/route.py | 9 +-
volatility/plugins/mac/session_hash_table.py | 7 +-
volatility/plugins/mac/socket_filters.py | 86 +
volatility/plugins/mac/trustedbsd.py | 29 +-
volatility/plugins/mac/version.py | 7 +-
volatility/plugins/machoinfo.py | 7 +-
volatility/plugins/malware/apihooks.py | 215 +-
volatility/plugins/malware/callbacks.py | 497 +-
volatility/plugins/malware/cmdhistory.py | 7 +-
volatility/plugins/malware/devicetree.py | 41 +-
volatility/plugins/malware/idt.py | 9 +-
volatility/plugins/malware/impscan.py | 37 +-
volatility/plugins/malware/malfind.py | 234 +-
volatility/plugins/malware/psxview.py | 157 +-
volatility/plugins/malware/svcscan.py | 102 +-
volatility/plugins/malware/threads.py | 16 +-
volatility/plugins/malware/timers.py | 130 +-
volatility/plugins/mbrparser.py | 17 +-
volatility/plugins/mftparser.py | 401 +-
volatility/plugins/moddump.py | 11 +-
volatility/plugins/modscan.py | 148 +-
volatility/plugins/modules.py | 7 +-
volatility/plugins/multiscan.py | 55 +
volatility/plugins/netscan.py | 169 +-
volatility/plugins/notepad.py | 218 +
volatility/plugins/objtypescan.py | 70 +
volatility/plugins/overlays/basic.py | 7 +-
volatility/plugins/overlays/linux/elf.py | 791 +-
volatility/plugins/overlays/linux/linux.py | 755 +-
volatility/plugins/overlays/linux/linux64.py | 48 -
volatility/plugins/overlays/mac/mac.py | 546 +-
volatility/plugins/overlays/mac/macho.py | 671 +
volatility/plugins/overlays/windows/kdbg_vtypes.py | 27 +-
volatility/plugins/overlays/windows/kpcr_vtypes.py | 7 +-
volatility/plugins/overlays/windows/pe_vtypes.py | 495 +-
volatility/plugins/overlays/windows/ssdt_vtypes.py | 28 +
.../plugins/overlays/windows/tcpip_vtypes.py | 83 +-
volatility/plugins/overlays/windows/vad_vtypes.py | 526 +
volatility/plugins/overlays/windows/vista.py | 45 +-
.../overlays/windows/vista_sp0_x64_syscalls.py | 7 +-
.../overlays/windows/vista_sp0_x86_syscalls.py | 7 +-
.../overlays/windows/vista_sp12_x64_syscalls.py | 7 +-
.../overlays/windows/vista_sp12_x86_syscalls.py | 7 +-
volatility/plugins/overlays/windows/win2003.py | 74 +-
.../overlays/windows/win2003_sp0_x86_syscalls.py | 7 +-
.../overlays/windows/win2003_sp12_x64_syscalls.py | 7 +-
.../overlays/windows/win2003_sp12_x86_syscalls.py | 7 +-
volatility/plugins/overlays/windows/win7.py | 7 +-
.../overlays/windows/win7_sp01_x64_syscalls.py | 7 +-
.../overlays/windows/win7_sp01_x86_syscalls.py | 7 +-
volatility/plugins/overlays/windows/win8.py | 427 +
volatility/plugins/overlays/windows/win8_kdbg.py | 243 +
.../overlays/windows/win8_sp0_x64_syscalls.py | 1421 ++
...n7_sp1_x64_vtypes.py => win8_sp0_x64_vtypes.py} | 17835 ++++++++++--------
.../overlays/windows/win8_sp0_x86_syscalls.py | 1419 ++
...n7_sp1_x86_vtypes.py => win8_sp0_x86_vtypes.py} | 17015 +++++++++--------
.../overlays/windows/win8_sp1_x64_syscalls.py | 1477 ++
...n7_sp1_x64_vtypes.py => win8_sp1_x64_vtypes.py} | 18669 ++++++++++---------
.../overlays/windows/win8_sp1_x86_syscalls.py | 1475 ++
...n7_sp0_x86_vtypes.py => win8_sp1_x86_vtypes.py} | 17649 ++++++++++--------
volatility/plugins/overlays/windows/windows.py | 715 +-
volatility/plugins/overlays/windows/windows64.py | 18 +-
volatility/plugins/overlays/windows/xp.py | 10 +-
.../overlays/windows/xp_sp2_x86_syscalls.py | 7 +-
volatility/plugins/patcher.py | 7 +-
volatility/plugins/patchguard.py | 17 +
volatility/plugins/pooltracker.py | 221 +
volatility/plugins/privileges.py | 7 +-
volatility/plugins/procdump.py | 147 +-
volatility/plugins/pstree.py | 14 +-
volatility/plugins/raw2dmp.py | 42 +-
volatility/plugins/registry/auditpol.py | 357 +
volatility/plugins/registry/hivelist.py | 10 +-
volatility/plugins/registry/hivescan.py | 83 +-
volatility/plugins/registry/lsadump.py | 65 +-
volatility/plugins/registry/printkey.py | 16 +-
volatility/plugins/registry/registryapi.py | 62 +-
volatility/plugins/registry/shellbags.py | 100 +-
volatility/plugins/registry/shimcache.py | 11 +-
volatility/plugins/{ => registry}/userassist.py | 13 +-
volatility/plugins/sockets.py | 7 +-
volatility/plugins/sockscan.py | 74 +-
volatility/plugins/ssdt.py | 10 +-
volatility/plugins/strings.py | 214 +-
volatility/plugins/taskmods.py | 50 +-
volatility/plugins/tcaudit.py | 667 +
volatility/plugins/timeliner.py | 776 +-
volatility/plugins/vadinfo.py | 68 +-
volatility/plugins/vboxinfo.py | 7 +-
volatility/plugins/verinfo.py | 95 +
volatility/plugins/vmwareinfo.py | 13 +-
volatility/plugins/volshell.py | 145 +-
volatility/poolscan.py | 385 +
volatility/scan.py | 55 +-
volatility/timefmt.py | 7 +-
volatility/utils.py | 10 +-
volatility/win32/crashdump.py | 7 +-
volatility/win32/domcachedump.py | 91 +-
volatility/win32/hashdump.py | 21 +-
volatility/win32/hive.py | 12 +-
volatility/win32/lsasecrets.py | 89 +-
volatility/win32/modules.py | 7 +-
volatility/win32/network.py | 7 +-
volatility/win32/rawreg.py | 13 +-
volatility/win32/tasks.py | 35 +-
volatility/win32/xpress.py | 7 +-
326 files changed, 65450 insertions(+), 37772 deletions(-)
delete mode 100644 contrib/plugins/verinfo.py
create mode 100644 tools/mac/mac_create_all_profiles.py
create mode 100755 volatility/plugins/addrspaces/crashbmp.py
rename volatility/plugins/addrspaces/{vboxelf.py => elfcoredump.py} (68%)
create mode 100644 volatility/plugins/addrspaces/osxpmemelf.py
create mode 100644 volatility/plugins/addrspaces/vmem.py
create mode 100644 volatility/plugins/bigpagepools.py
create mode 100644 volatility/plugins/cmdline.py
create mode 100644 volatility/plugins/gui/vtypes/win8.py
create mode 100644 volatility/plugins/heaps.py
create mode 100644 volatility/plugins/joblinks.py
create mode 100644 volatility/plugins/linux/apihooks.py
create mode 100644 volatility/plugins/linux/bash_hash.py
create mode 100644 volatility/plugins/linux/check_inline_kernel.py
create mode 100644 volatility/plugins/linux/elfs.py
copy volatility/plugins/{mac/version.py => linux/enumerate_files.py} (52%)
create mode 100644 volatility/plugins/linux/hidden_modules.py
create mode 100644 volatility/plugins/linux/info_regs.py
create mode 100644 volatility/plugins/linux/kernel_opened_files.py
rename volatility/plugins/linux/{keyboard_notifier.py => keyboard_notifiers.py} (73%)
copy volatility/plugins/linux/{lsof.py => ldrmodules.py} (57%)
create mode 100644 volatility/plugins/linux/libc_env.py
create mode 100644 volatility/plugins/linux/library_list.py
create mode 100644 volatility/plugins/linux/librarydump.py
copy volatility/plugins/linux/{banner.py => lime.py} (50%)
create mode 100644 volatility/plugins/linux/linux_strings.py
create mode 100644 volatility/plugins/linux/linux_truecrypt.py
create mode 100644 volatility/plugins/linux/list_raw.py
create mode 100644 volatility/plugins/linux/malfind.py
create mode 100644 volatility/plugins/linux/netfiler.py
create mode 100644 volatility/plugins/linux/plthook.py
copy volatility/plugins/linux/{psaux.py => proc_maps_rb.py} (63%)
create mode 100644 volatility/plugins/linux/procdump.py
create mode 100644 volatility/plugins/linux/process_hollow.py
create mode 100644 volatility/plugins/linux/process_info.py
create mode 100644 volatility/plugins/linux/process_stack.py
copy volatility/plugins/linux/{psaux.py => psenv.py} (74%)
create mode 100644 volatility/plugins/linux/recover_filesystem.py
create mode 100644 volatility/plugins/linux/threads.py
create mode 100644 volatility/plugins/mac/adiummsgs.py
create mode 100644 volatility/plugins/mac/apihooks.py
create mode 100644 volatility/plugins/mac/apihooks_kernel.py
copy volatility/plugins/{linux => mac}/bash.py (59%)
create mode 100644 volatility/plugins/mac/bash_env.py
create mode 100644 volatility/plugins/mac/bash_hash.py
create mode 100644 volatility/plugins/mac/calendar.py
create mode 100644 volatility/plugins/mac/check_mig_table.py
create mode 100644 volatility/plugins/mac/check_syscall_shadow.py
create mode 100644 volatility/plugins/mac/contacts.py
create mode 100644 volatility/plugins/mac/dead_sockets.py
copy volatility/plugins/mac/{dead_procs.py => dead_vnodes.py} (64%)
copy volatility/plugins/mac/{proc_maps.py => dlyd_maps.py} (55%)
create mode 100644 volatility/plugins/mac/dump_files.py
create mode 100644 volatility/plugins/mac/gkextmap.py
create mode 100644 volatility/plugins/mac/keychaindump.py
create mode 100644 volatility/plugins/mac/ldrmodules.py
create mode 100644 volatility/plugins/mac/librarydump.py
copy volatility/plugins/mac/{print_boot_cmdline.py => list_files.py} (52%)
create mode 100644 volatility/plugins/mac/lsmod_iokit.py
create mode 100644 volatility/plugins/mac/mac_strings.py
create mode 100644 volatility/plugins/mac/malfind.py
create mode 100644 volatility/plugins/mac/memdump.py
create mode 100644 volatility/plugins/mac/moddump.py
create mode 100644 volatility/plugins/mac/netconns.py
create mode 100644 volatility/plugins/mac/notesapp.py
create mode 100644 volatility/plugins/mac/procdump.py
create mode 100644 volatility/plugins/mac/recover_filesystem.py
create mode 100644 volatility/plugins/mac/socket_filters.py
create mode 100644 volatility/plugins/multiscan.py
create mode 100644 volatility/plugins/notepad.py
create mode 100644 volatility/plugins/objtypescan.py
delete mode 100644 volatility/plugins/overlays/linux/linux64.py
create mode 100644 volatility/plugins/overlays/mac/macho.py
create mode 100644 volatility/plugins/overlays/windows/vad_vtypes.py
create mode 100644 volatility/plugins/overlays/windows/win8.py
create mode 100644 volatility/plugins/overlays/windows/win8_kdbg.py
create mode 100755 volatility/plugins/overlays/windows/win8_sp0_x64_syscalls.py
copy volatility/plugins/overlays/windows/{win7_sp1_x64_vtypes.py => win8_sp0_x64_vtypes.py} (62%)
create mode 100644 volatility/plugins/overlays/windows/win8_sp0_x86_syscalls.py
copy volatility/plugins/overlays/windows/{win7_sp1_x86_vtypes.py => win8_sp0_x86_vtypes.py} (61%)
create mode 100755 volatility/plugins/overlays/windows/win8_sp1_x64_syscalls.py
copy volatility/plugins/overlays/windows/{win7_sp1_x64_vtypes.py => win8_sp1_x64_vtypes.py} (56%)
create mode 100755 volatility/plugins/overlays/windows/win8_sp1_x86_syscalls.py
copy volatility/plugins/overlays/windows/{win7_sp0_x86_vtypes.py => win8_sp1_x86_vtypes.py} (55%)
create mode 100644 volatility/plugins/patchguard.py
create mode 100644 volatility/plugins/pooltracker.py
create mode 100644 volatility/plugins/registry/auditpol.py
rename volatility/plugins/{ => registry}/userassist.py (97%)
create mode 100644 volatility/plugins/tcaudit.py
create mode 100644 volatility/plugins/verinfo.py
create mode 100644 volatility/poolscan.py
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/volatility.git
More information about the forensics-changes
mailing list