forked from JamesHabben/evolve
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPlugins with SQLite output
197 lines (195 loc) · 2.65 KB
/
Plugins with SQLite output
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
These plugins all have a render_sqlite() method, but it doesn't guarantee
compatability with evolve. Some of them require parameter input to
operate correctly.
Run with Volatility 2.4 (2015-04-16)
atoms
atomscan
auditpol
bigpools
bioskbd
callbacks
clipboard
cmdline
cmdscan
connections
connscan
consoles
crashinfo
deskscan
devicetree
dlldump
dlllist
driverirp
drivermodule
driverscan
dumpfiles
eventhooks
filescan
gahti
gditimers
gdt
getservicesids
getsids
hibinfo
hivedump
hivelist
hivescan
hpakextract
hpakinfo
idt
iehistory
imageinfo
joblinks
kdbgscan
kpcrscan
ldrmodules
limeinfo
linux_apihooks
linux_arp
linux_banner
linux_bash_env
linux_check_afinfo
linux_check_creds
linux_check_evt_arm
linux_check_idt
linux_check_inline_kernel
linux_check_modules
linux_check_syscall
linux_check_syscall_arm
linux_check_tty
linux_cpuinfo
linux_dmesg
linux_dynamic_env
linux_elfs
linux_enumerate_files
linux_getcwd
linux_hidden_modules
linux_ifconfig
linux_info_regs
linux_iomem
linux_kernel_opened_files
linux_keyboard_notifiers
linux_ldrmodules
linux_library_list
linux_librarydump
linux_list_raw
linux_lsof
linux_malfind
linux_memmap
linux_moddump
linux_mount
linux_mount_cache
linux_netfilter
linux_netstat
linux_pidhashtable
linux_pkt_queues
linux_proc_maps
linux_proc_maps_rb
linux_procdump
linux_psaux
linux_psenv
linux_pslist
linux_pslist_cache
linux_pstree
linux_psxview
linux_recover_filesystem
linux_sk_buff_cache
linux_slabinfo
linux_threads
linux_truecrypt_passphrase
linux_vma_cache
lsadump
mac_adium
mac_arp
mac_bash
mac_bash_env
mac_bash_hash
mac_calendar
mac_check_mig_table
mac_check_syscalls
mac_check_sysctl
mac_check_trap_table
mac_contacts
mac_dead_procs
mac_dead_sockets
mac_dead_vnodes
mac_dmesg
mac_dump_file
mac_dyld_maps
mac_find_aslr_shift
mac_ifconfig
mac_ip_filters
mac_keychaindump
mac_ldrmodules
mac_librarydump
mac_list_files
mac_list_kauth_listeners
mac_list_kauth_scopes
mac_list_raw
mac_list_sessions
mac_list_zones
mac_lsmod
mac_lsmod_iokit
mac_lsmod_kext_map
mac_lsof
mac_machine_info
mac_malfind
mac_memdump
mac_moddump
mac_mount
mac_netstat
mac_network_conns
mac_notesapp
mac_notifiers
mac_orphan_threads
mac_pgrp_hash_table
mac_pid_hash_table
mac_print_boot_cmdline
mac_proc_maps
mac_procdump
mac_psaux
mac_psenv
mac_pslist
mac_pstree
mac_psxview
mac_recover_filesystem
mac_route
mac_socket_filters
mac_tasks
mac_threads
mac_threads_simple
mac_trustedbsd
mac_version
mac_volshell
machoinfo
malfind
memdump
memmap
messagehooks
mftparser
moddump
modscan
modules
multiscan
mutantscan
netscan
notepad
objtypescan
privs
procdump
pslist
psscan
pstree
qemuinfo
screenshot
sessions
shellbags
shimcache
sockets
sockscan
strings
svcscan
symlinkscan
thrdscan
truecryptsummary
unloadedmodules