volatility VS peda

I need this to create generate a custom symbols table (using dwarf2json), in order to run a memory dump acquired by Ubuntu 22.04, as Ubuntu 22.04 kernel does not work anymore with volatility 2 (Issue here: volatilityfoundation/volatility#828)

Take a look at this link and specifically note how the profiles are named, especially Ubuntu - https://github.com/volatilityfoundation/volatility/wiki/Linux-Command-Reference

I think the typical tool for analyzing OS memory dumps is Volatility but I can't give you a course in how to use it, that is supposedly what your school should be doing.

Analyzing memory dumps can be hard, especially at the beginning. You might want to use comprehensive Frameworks like volatility.

git clone https://github.com/volatilityfoundation/volatility.git whenever i want to run something I get PS C:\Users\czare_000\python-course-for-beginners\bs4\volatility> & C:/Users/czare_000/AppData/Local/Programs/Python/Python310/python.exe c:/Users/czare_000/python-course-for-beginners/bs4/volatility/volatility/debug.py Traceback (most recent call last): File "c:\Users\czare_000\python-course-for-beginners\bs4\volatility\volatility\debug.py", line 27, in import volatility.conf ModuleNotFoundError: No module named 'volatility' or i also get except Exception, e: ^^^^^^^^^^^^ SyntaxError: multiple exception types must be parenthesized

Volatility is python based so you will need to install it and volatility's required dependencies. You can find the install instructions here https://github.com/volatilityfoundation/volatility

volatility - Version 2 Version 3

The volatility wiki should have instructions you need. Just follow the steps here (https://github.com/volatilityfoundation/volatility/wiki/Linux#making-the-profile)

Looks like they are using PEDA.

There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):

GEF: https://gef.readthedocs.io/en/master/

PWNDBG: https://github.com/pwndbg/pwndbg

PEDA: https://github.com/longld/peda

They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.

PEDA - GDB plugin (only python2.7).

peda - Python Exploit Development Assistance for GDB.

Did you follow the instructions? Step 2 adds PEDA to your ~/.gdbinit so it will/should load every time you open gdb. So if it doesn't work check your ~/.gdbinit file.