app-forensics/volatility3: new ebuild

Package-Manager: Portage-3.0.28, Repoman-3.0.3
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Signed-off-by: Sam James <sam@gentoo.org>

1 files changed, 29 insertions, 0 deletions

diff --git a/app-forensics/volatility3/metadata.xml b/app-forensics/volatility3/metadata.xml
new file mode 100644
index 000000000000..edbcd55f84f9
--- /dev/null
+++ b/app-forensics/volatility3/metadata.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person" proxied="yes">
+		<email>mario.haustein@hrz.tu-chemnitz.de</email>
+		<name>Mario Haustein</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>sam@gentoo.org</email>
+		<name>Sam James</name>
+	</maintainer>
+	<longdescription>
+		Volatility is the world's most widely used framework for extracting
+		digital artifacts from volatile memory (RAM) samples. The extraction
+		techniques are performed completely independent of the system being
+		investigated but offer visibility into the runtime state of the system.
+	</longdescription>
+	<use>
+		<flag name='crypt'>support plugins that decrypt passwords, password hashes, etc.</flag>
+		<flag name='disasm'>support plugins that perform malware analysis and disassemble code</flag>
+		<flag name='jsonschema'>improve error messages regarding improperly configured ISF files</flag>
+		<flag name='leechcore'>support memory acquisition via leechcore</flag>
+		<flag name='snappy'>support AVMLs native compression format</flag>
+		<flag name='yara'>support YARA pattern matching engine</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">volatilityfoundation/volatility3</remote-id>
+	</upstream>
+</pkgmetadata>