{"id":13577769,"url":"https://github.com/Tokeii0/VolatilityPro","last_synced_at":"2025-04-05T15:31:27.674Z","repository":{"id":170191882,"uuid":"646315631","full_name":"Tokeii0/VolatilityPro","owner":"Tokeii0","description":"一款用于自动化处理内存取证的Python脚本，并提供GUI界面","archived":false,"fork":false,"pushed_at":"2024-12-09T14:12:07.000Z","size":15416,"stargazers_count":316,"open_issues_count":4,"forks_count":20,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-03T16:10:28.008Z","etag":null,"topics":["ctf","gui","volatility"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tokeii0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-28T01:45:45.000Z","updated_at":"2025-03-19T14:29:33.000Z","dependencies_parsed_at":"2025-01-15T08:17:33.453Z","dependency_job_id":"27d60232-dbd2-4c1e-b3de-ea33ed9c6b1d","html_url":"https://github.com/Tokeii0/VolatilityPro","commit_stats":null,"previous_names":["tokeii0/volatilitypro"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tokeii0%2FVolatilityPro","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tokeii0%2FVolatilityPro/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tokeii0%2FVolatilityPro/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tokeii0%2FVolatilityPro/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tokeii0","download_url":"https://codeload.github.com/Tokeii0/VolatilityPro/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247358730,"owners_count":20926275,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","gui","volatility"],"created_at":"2024-08-01T15:01:24.192Z","updated_at":"2025-04-05T15:31:27.646Z","avatar_url":"https://github.com/Tokeii0.png","language":"Python","readme":"\n# VolatilityPro \n\n**推荐使用 Python 3.10+ 版本**，其他版本可能存在未知的 bug。\n\n### 新坑LovelyMem\nhttps://github.com/Tokeii0/LovelyMem\n\n---\n这个项目拉了，之后不更新了，研究了一个新玩意，等比赛完了发\n---\n正在重构之前写的太烂了，只是一个勉强能用的情况，能用但不好用，准备加一点新功能，敬请期待\n\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/037e9f53-4394-418a-b963-c617c0b0b85a)\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/407764cd-6929-4426-aa40-92e34f0a4e4c)\n\n\n## 更新记录\n\n### 2023.6.18\n- 新增镜像字符串搜索功能\n- 表格宽度自适应\n\n![嘻嘻](https://github.com/Tokeii0/VolatilityPro/assets/111427585/8e90b625-8c96-4f8a-bbfc-4fd66e7fa743)\n\n---\n\n### 2023.6.12\n\n![动画2](https://github.com/Tokeii0/VolatilityPro/assets/111427585/19e089bb-4f68-47a1-ab3c-020e52a74847)\n\n---\n\n### 2023.6.10 晚上\n- 支持选择 filescan 文件\n\n![new](https://github.com/Tokeii0/VolatilityPro/assets/111427585/cece18ca-39ce-44cc-8f74-8d880ae6315a)\n\n---\n\n### 2023.6.10 \n- 新增 GUI 界面，即开即用\n\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/9cc796c8-b1bc-4b3c-90ac-a07fc1ccb1ec)\n\n---\n\n## 老版本帮助\n\n### 使用方法\n\n```shell\npython volpro.py [imagename] (profile) (dumpfiles)\n```\n\n参数解释：\n- `[imagename]`：映像文件路径。📁\n- `(profile)`：可选的 profile 参数。提供此参数时，将跳过 imageinfo 任务。\n- `(dumpfiles)`：可选的 dumpfiles 参数。使用此参数时，必须提供 profile 参数。\n\n#### 示例\n\n```shell\n# 没有 profile，自动选择 imageinfo 的第一个\npython Volpro.py ADMIN-PC-20220616-025554.raw\n\n# 设置了 profile，跳过 imageinfo 节约时间\npython Volpro.py ADMIN-PC-20220616-025554.raw Win7SP1x64\n\n# dumpfiles 命令的使用方法\npython Volpro.py ADMIN-PC-20220616-025554.raw Win7SP1x64 dumpfiles 0x000000007dcc4480\n```\n\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/d6917be9-6011-4e16-8d44-1d402e3131ab)\n\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/a45582c1-c35f-4639-b133-5cff5f4e5c14)\n\n![image](https://github.com/Tokeii0/VolatilityPro/assets/111427585/7bac9eb3-312e-4732-9d6c-6707cf869f97)\n","funding_links":[],"categories":["Python","取证溯源"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTokeii0%2FVolatilityPro","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FTokeii0%2FVolatilityPro","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTokeii0%2FVolatilityPro/lists"}