Add ElfCoreDump plugins#1984
Open
meck-gd wants to merge 1 commit into volatilityfoundation:develop from
When working with memory dumps, I sometimes find myself in a position where I need deep introspection into a specific process. For example, I'll initially locate a specific structure/pointer by hand and then I need to follow pointers to locate specific runtime values that the process had at the time the dump was created.
So far, Volatility was not able to output process address spaces in a container format that other tools could easily read. I often had to use `memmap` to create 1) a dump file and 2) a JSON file containing the virtual->file mappings, and then write custom tooling that parsed both to achieve what I wanted.

This pull request adds plugins that create an ELF core dump for a given process id. This format can be parsed by many libraries such as LIEF in Python or Goblin in Rust. It can also be opened by gdb for manual poking around (e.g., you can use `info proc mappings` to list modules and `x` to view contents at virtual addresses of your choice).

I didn't include thread state in the dump, because getting accurate register contents is a pretty hard problem when the processes were not prepared for dumping by the kernel beforehand, as would normally be the case for core dumps.

It may seem weird that Windows processes are also put into an ELF, but apart from the different image path format there's no real difference between process address spaces of different operating systems. My use case was using `py-spy` to inspect a Python process, and it ate the Windows process core dump just fine with some minimal adjustments.
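To make concrete what such a core file carries and why it removes the need for a side-car JSON mapping, here is an added example (not the plugin code from this pull request, and not Volatility's API) that writes a minimal ELF64 core from a few memory regions and reads it back: each region becomes a PT_LOAD program header mapping a virtual address range to a file offset, and a consumer resolves a virtual address, follows a pointer and reads a C string using nothing but those headers. The regions, addresses and contents are constructed for the example; it assumes x86-64 little-endian ELF64 and, like the PR, writes no thread-state notes. The one edge case a reader must get right is a segment whose memsz exceeds its filesz, which the example treats as zero-filled.

```python
"""Minimal ELF64 core writer/reader for process memory regions (example)."""
import struct

ELF_HEADER = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, 64 bytes
PROG_HEADER = struct.Struct("<IIQQQQQQ")         # Elf64_Phdr, 56 bytes
ET_CORE, EM_X86_64, PT_LOAD = 4, 0x3E, 1
PF_X, PF_W, PF_R = 1, 2, 4
PAGE = 0x1000


def _align_up(value, align):
    return (value + align - 1) // align * align


def build_core(regions, machine=EM_X86_64):
    """regions: (vaddr, flags, data, memsz_or_None). memsz > len(data) records
    pages present in the process but not backed by file bytes (read as zeros)."""
    regions = sorted(regions, key=lambda r: r[0])
    offset = _align_up(ELF_HEADER.size + PROG_HEADER.size * len(regions), PAGE)
    phdrs, blobs = [], []
    for vaddr, flags, data, memsz in regions:
        memsz = len(data) if memsz is None else memsz
        if memsz < len(data):
            raise ValueError("memsz smaller than file-backed data")
        # Keep offset and vaddr congruent modulo the page size so a consumer
        # could also mmap() the segment directly.
        offset = _align_up(offset, PAGE) + (vaddr % PAGE)
        phdrs.append(PROG_HEADER.pack(PT_LOAD, flags, offset, vaddr, 0,
                                      len(data), memsz, PAGE))
        blobs.append((offset, data))
        offset += len(data)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)  # ELFCLASS64, LSB, v1
    ehdr = ELF_HEADER.pack(ident, ET_CORE, machine, 1, 0, ELF_HEADER.size, 0,
                           0, ELF_HEADER.size, PROG_HEADER.size, len(phdrs),
                           0, 0, 0)
    out = bytearray(ehdr + b"".join(phdrs))
    for off, data in blobs:
        out.extend(bytes(off - len(out)))  # zero pad up to the segment offset
        out.extend(data)
    return bytes(out)


def parse_core(blob):
    """Return PT_LOAD segments as sorted (vaddr, memsz, offset, filesz, flags)."""
    if blob[:4] != b"\x7fELF" or blob[4] != 2 or blob[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    f = ELF_HEADER.unpack_from(blob, 0)
    e_type, e_phoff, e_phentsize, e_phnum = f[1], f[5], f[9], f[10]
    if e_type != ET_CORE:
        raise ValueError("not an ET_CORE file")
    if e_phentsize != PROG_HEADER.size:
        raise ValueError("unexpected program header size")
    segs = []
    for i in range(e_phnum):
        p_type, p_flags, p_off, p_vaddr, _, p_filesz, p_memsz, _ = \
            PROG_HEADER.unpack_from(blob, e_phoff + i * e_phentsize)
        if p_type != PT_LOAD:
            continue
        if p_off + p_filesz > len(blob):  # refuse truncated/hostile headers
            raise ValueError("segment %d extends past end of file" % i)
        segs.append((p_vaddr, p_memsz, p_off, p_filesz, p_flags))
    return sorted(segs)


def read_virtual(blob, segs, vaddr, size):
    """Bytes at a virtual address. Within memsz but past filesz reads as
    zeros; an address no segment covers raises KeyError."""
    for p_vaddr, p_memsz, p_off, p_filesz, _ in segs:
        if p_vaddr <= vaddr and vaddr + size <= p_vaddr + p_memsz:
            rel = vaddr - p_vaddr
            part = blob[p_off + rel:p_off + min(rel + size, p_filesz)]
            return part + bytes(size - len(part))
    raise KeyError("0x%x+%d is not mapped in the core" % (vaddr, size))


def read_u64(blob, segs, vaddr):
    return struct.unpack("<Q", read_virtual(blob, segs, vaddr, 8))[0]


def read_cstring(blob, segs, vaddr, max_len=256):
    out = bytearray()
    while len(out) < max_len:
        b = read_virtual(blob, segs, vaddr + len(out), 1)
        if b == b"\x00":
            break
        out += b
    return bytes(out)


# Constructed sample "process": a data page holding a pointer into a
# read-only string page, plus a mostly untouched page (filesz 2, memsz 4096).
STRING_VA, DATA_VA, BSS_VA = 0x7F0000001000, 0x55550000A000, 0x55550000B000
SAMPLE_REGIONS = [
    (STRING_VA, PF_R, b"hello from the dump\x00", None),
    (DATA_VA, PF_R | PF_W, struct.pack("<Q", STRING_VA + 6), None),
    (BSS_VA, PF_R | PF_W, b"\x01\x02", PAGE),
]


def follow_pointer_demo():
    """Dereference the pointer at DATA_VA and read the string it targets."""
    core = build_core(SAMPLE_REGIONS)
    segs = parse_core(core)
    return read_cstring(core, segs, read_u64(core, segs, DATA_VA)).decode()
```

The writer pads each segment to a page-aligned file offset, so the resulting file is a little larger than the raw data but stays friendly to consumers that map segments directly; the reader's bounds check on `p_offset + p_filesz` matters when the core comes from an untrusted source, since a malformed header can otherwise turn a lookup into an out-of-range read.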