GVol is a lightweight GUI application, built in Java, that automates use of the Volatility toolkit for malware analysis. The application includes various Volatility plugins with their predefined options. In addition, users can create batch files that run multiple plugins at once against a memory image. GVol also ships with pre-configured batch files to simplify using Volatility in the malware analysis process.
You can get a copy of the latest release from https://github.com/eg-cert/GVol/releases. Building should be as simple as:

```
cd GVol
ant
```

The target jar file will be under the dist directory:

```
java -jar GVol.jar
```
Download the latest version from releases. You need the Java Runtime Environment to run GVol. Run the file GVol.jar.
The first time you run GVol, you should tell it how to run Volatility.
1- Menu bar > Configuration > Cmd & profiles
2- Enter the command that runs Volatility on your system, such as "python vol.py", or the path of the standalone executable if you use it.
For more details about the tool and how to use it, read the user guide.