volatility3.cli package

A CommandLine User Interface for the volatility framework.

User interfaces make use of the framework to:
  • determine available plugins

  • request necessary information for those plugins from the user

  • determine what “automagic” modules will be used to populate information the user does not provide

  • run the plugin

  • display the results

class CommandLine[source]

Bases: object

Constructs a command-line interface object for users to run plugins.

CLI_NAME = 'volatility'
file_handler_class_factory(direct=True)[source]
classmethod location_from_file(filename)[source]

Returns the URL location from a file parameter (which may be a URL)

Parameters:

filename (str) – The path to the file (either an absolute, relative, or URL path)

Return type:

str

Returns:

The URL for the location of the file

populate_config(context, configurables_list, args, plugin_config_path)[source]

Populate the context config based on the returned args.

We have already determined these elements must be descended from ConfigurableInterface

Parameters:
  • context (ContextInterface) – The volatility3 context to operate on

  • configurables_list (Dict[str, Type[ConfigurableInterface]]) – A dictionary of configurable items that can be configured on the plugin

  • args (Namespace) – An object containing the arguments necessary

  • plugin_config_path (str) – The path within the context’s config containing the plugin’s configuration

Return type:

None

populate_requirements_argparse(parser, configurable)[source]

Adds the plugin’s simple requirements to the provided parser.

Parameters:
process_exceptions(excp)[source]

Provide useful feedback if an exception occurs during a run of a plugin.

process_unsatisfied_exceptions(excp)[source]

Provide useful feedback if an exception occurs during requirement fulfillment.

run()[source]

Executes the command line module, taking the system arguments, determining the plugin to run and then running it.

classmethod setup_logging()[source]
class MuteProgress[source]

Bases: PrintedProgress

A dummy progress handler that produces no output when called.

class PrintedProgress[source]

Bases: object

A progress handler that prints the progress value and the description onto the command line.

main()[source]

A convenience function for constructing and running the CommandLine’s run method.

Subpackages

Submodules