Kağan IŞILDAK

The problem seems to be in the build process. Because there's no error while plugin starting. You should add and enable in meson file https://github.com/tklengyel/drakvuf/blob/main/src/plugins/meson.build

How can i trigger pdbconv over vol.py I just execute below command python3 volatility3/framework/symbols/windows/pdbconv.py -g 8199e3319bc8404581e451b565d048b81 -p ntkrnlmp.pdb -o ntkrnlmp.json

Base Image : Windows 7 SP1 Installed Updates : [KB5039289](https://support.microsoft.com/kb/5039289) and [KB5039339](https://support.microsoft.com/kb/5039339) [ntkrnlmp.pdb.zip](https://github.com/user-attachments/files/15946636/ntkrnlmp.pdb.zip)

Actually, my goal is different. I need to convert the relevant kernel profile to json to use it with libvmi. But interestingly, something is wrong specifically with this version. My...

Yes , pdbconv can create json but there's no tpi data that necessary for libvmi For example, you can compare both output for different kernel [ece191a20cff4465ae46df96c22638451.json](https://github.com/user-attachments/files/15946665/ece191a20cff4465ae46df96c22638451.json) [8199e3319bc8404581e451b565d048b81.json](https://github.com/user-attachments/files/15946664/8199e3319bc8404581e451b565d048b81.json)

A bug that's been giving me a headache for two nights. I'm just trying to satisfy my curiosity :) Thank you