sudo -i
apt update
apt install \
  build-essential \
  capstone-tool \
  git \
  libcapstone-dev \
  libdistorm3-dev \
  libraw1394-11 \
  pcregrep \
  python2-dev \
  tzdata \
  yara

curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py
python2 get-pip.py

python2 -m pip install -U setuptools wheel
python2 -m pip install -U distorm3 yara pycrypto pillow openpyxl ujson pytz ipython capstone
ln -s /usr/local/lib/python2.7/dist-packages/usr/lib/libyara.so /usr/lib/libyara.so

git clone https://github.com/volatilityfoundation/volatility.git
cd volatility
python2 setup.py -h
python2 setup.py build
python2 setup.py install
cd
vol.py -h

# Patch
# https://github.com/volatilityfoundation/volatility/pull/854
wget https://raw.githubusercontent.com/volatilityfoundation/volatility/7113c441d74a8fa1b8d5c056e77900e500453287/volatility/dwarf.py \
-O /usr/local/lib/python2.7/dist-packages/volatility-2.6.1-py2.7.egg/volatility/dwarf.py
# https://github.com/volatilityfoundation/volatility/pull/852
wget https://raw.githubusercontent.com/volatilityfoundation/volatility/d07c69a7811d8e18ab186c9fbdf5b050529d06d2/volatility/plugins/overlays/linux/linux.py \
-O /usr/local/lib/python2.7/dist-packages/volatility-2.6.1-py2.7.egg/volatility/plugins/overlays/linux/linux.py