How to Install Volatility in Kali

“The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. ” Volatility GitHub

Kali Linux has dropped volatility from their new release and you won’t be able to install it as usual apt-get install. You can go to GitHub and get info to install it via volatility download https://www.volatilityfoundation.org/releases. But when you start running it you will see many error pop up. This mainly due to no python availability in new debian and missing dependencies.

It took me few hours of fiddling around with various package install and reading through many post. But this is the method I was able to test and get it working.

Big thanks to Jason @ Jase IT and whoever did post to install python2 @ https://stackoverflow.com/questions/61981156/unable-to-locate-package-python-pip-ubuntu-20-04

Sudo su

apt-get update

###Install phython2

apt install python2

####Install pip2

curl https://bootstrap.pypa.io/get-pip.py –output get-pip.py

python2 get-pip.py

If Error happened run below and then run python2 get-pip.py

curl https://bootstrap.pypa.io/2.7/get-pip.py –output get-pip.py

###Install python3

apt install python3

###Install pip3

apt install python3-pip

###Install dependency

apt-get install pcregrep libpcre++-dev python-dev -y

###Upgrade setuptool

pip2 install –upgrade setuptools (make sure it is dash dash before upgrade setuptools NOT single dash)

###Install pip dependency

pip2 install pycrypto

pip2 install distorm3

###Download and extract volatility from https://www.volatilityfoundation.org/releases listed as “Source Code”

###CD into the location source code

python setup.py install

python vol.py -h to see more info