diff --git a/_gtfobins/volatility.md b/_gtfobins/volatility.md
new file mode 100644
index 0000000..16b7f07
--- /dev/null
+++ b/_gtfobins/volatility.md
@@ -0,0 +1,8 @@
+---
+description: This command requires some valid coredump file which, if not available, can be uploaded to the target. The `volshell` command spawns a [`python`](/gtfobins/python/) shell, other functions may apply.
+functions:
+  shell:
+    - code: |
+        volatility -f file.dump volshell
+        __import__('os').system('/bin/sh')
+---