Skip to content

MindPointGroup/ansible-volatility

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
defaults
defaults
 
 
files/users
files/users
 
 
handlers
handlers
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
vars
vars
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

ansible-volatility

This role is for use by DFIR/security options teams to quickly deploy and manage a Linux system to be used for memory forensics using the Volatility Framework.

Role Variables

users: []
forensics: true

Typically, when applying this role in an environment, I would simply set the forensics variable to true for the host or group of hosts that will be used for forensics work in the group_vars or host_vars file. The user is a simple list of the users who will be performing work using Volatility.

Example Playbook

Assuming you have a single host or set of hosts you use for this purpose, and that you include the variable "forensics" in either the host_vars or group_vars files as appropriate, the following playbook would deploy this role.

    - hosts: all
      become: true

      roles:
         - { role: ansible-volatility, when: forensics }

License

MIT

Author Information

Matt Shepherd aka matts-mpg
Vice President at MindPoint Group

About

An Ansible role for deploying the Volatility memory forensics framework.

Topics

security ansible-role dfir

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

10 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors