A volatility 2 docker for forensic investigations
- Volatility 2 installation in a standalone container
- Mount your current working directory on the host in
/workspace/in the container
You need to install docker to use this tool. Once this is done, you can build the container and install the command by typing make install in this repository.
If you are using:
-
Ubuntu, XUbuntu, LUbuntu: https://docs.docker.com/engine/install/ubuntu/
-
Kali: It is based on debian so you just need to follow the Debian tutorial https://docs.docker.com/engine/install/debian/.
The only different step in the tutorial for Kali is the last command of the first step Add the repository to Apt sources. Don't use:
# Add the repository to Apt sources: echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
But use instead:
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian buster stable" > /etc/apt/sources.list.d/docker.list
Pull requests are welcome. Feel free to open an issue if you want to add other features.
