extend the PoolScanner class and extend the AbstractScanCommand class on Volatitlity framework -- 2

Building a Custom Pool Scanner Volatility framework implements pool-scanning technique to allocate various objects in a given memory dump. The tool fully relies on PoolScanner class for the development and customization of scanner-based plugins. In this project, students are asked to extend and customize the behavior of new pool-scanner plugin. Your new pool-scanner plugin must be extended from PoolScanner class. The newly developed plugin must support object of type _EPROCESS with nonpaged and free memory allocations. New command-line options must be integrated into the new pool-scanner plugin. You will extend the AbstractScanCommand class to customize the command-line options for your new pool-scanner plugin. The new plugin must be equipped with various command-line options which allow the user to tweak the behavior of the scanner. The following provides descriptions of the options that need to be implemented into the new pool-scanner plugin. Command-line option descriptions: -V/ --virtual: This command-line option support virtual kernel address space scanning feature. This enables you to scan only active pages for which the kernel currently has mapped -W/--show-unallocated: This option controls whether the new plugin shows objects that operating system expliciltly marks as unallocated -S/--start and -L/Length: These options provide you with capability of scanning the memory dump within a specific range of memory instead of the entire memory. The address is determined to be a location in physical memory or virtual depending on whether the -v/--virtual flag is set. Deliverables: • A document that describes the full implementation of the pool-scanner algorithm. • A diagram that describes the behaviors of the pool-scanner algorithm for each of the implemented option • The source files • Samples runs of the new plugin