Thursday, August 27, 2020

VolExp - Volatility Explorer


VolExp gives the user access to a memory dump. It can run on its own or as a plugin to the Volatility Framework (https://github.com/volatilityfoundation/volatility). It works much like Process Explorer/Hacker, except that it operates on a memory dump (or on the computer's real-time memory, using Memtriage). The program runs on Windows, Linux and macOS machines, but it only works with Windows memory images.

Quick Start
  1. Download the volexp.py file (if you want to use memtriage, https://github.com/gleeda/memtriage, download the memtriage.py file as well and replace it with your memtriage.py file).
  2. Run as a standalone program or as a plugin to Volatility:
  • As a standalone program:
 python2 volexp.py
  • As a plugin to Volatility:
 python2 vol.py -f <memory file path> --profile=<memory profile> volexp

Some Features:
  • Access to real-time memory using Memtriage:
 python2 memtriage.py --plugins=volexp
  • Some of the information displayed will not update in real time (the exceptions are process info, which updates slowly, and real-time functions such as the struct analyzer, PE properties, running a real-time plugin, etc.).
  • The program also allows the user to view the loaded DLLs, open handles and network connections of each process (access to a DLL's properties is also an option).
  • To present more information on a process, Double-Click (or Left-Click and select Properties) to bring up an information window.
  • More information can be presented on any PE in the same way.
  • The program allows the user to view the files in the memory dump as well as their information. Additionally, it allows the user to extract those files (a HexDump/strings view is also an option).
  • The program supports viewing Windows objects and file metadata (MFT).
  • The program also supports a regview of the memory dump.
  • Additionally, the program supports struct analysis (writing to a struct in memory and running Volatility functions on a struct are available). Example of getting all the loaded modules inside the _EPROCESS struct in another struct analyzer window:
  • The program is also capable of automatically marking suspicious processes found by another plugin. Example of running the threadmap plugin:
  • View the memory use of a process.
  • Manually mark a certain process and add a side note on it.
  • The user's actions can be saved to a separate file for later use.

Get help: https://github.com/memoryforensics1/VolExp/wiki/VolExp-help






via KitPloit