Friday, August 28, 2020

VolExp - Volatility Explorer


This program lets the user explore a memory dump, either standalone or as a plugin to the Volatility Framework (https://github.com/volatilityfoundation/volatility). It functions similarly to Process Explorer/Hacker, but works on a memory dump (or on the computer's real-time memory, using Memtriage). It can run on Windows, Linux and macOS machines, but can only use Windows memory images.

Quick Start
  1. Download the volexp.py file (download the memtriage.py file as well, to replace your memtriage.py file, if you want to use memtriage: https://github.com/gleeda/memtriage).
  2. Run as a standalone program or as a plugin to Volatility:
  • As a standalone program:
 python2 volexp.py
  • As a Volatility plugin:
 python2 vol.py -f <memory file path> --profile=<memory profile> volexp
  • As a memtriage plugin:
 python2 memtriage.py --plugins=volexp

Some Features:
  • Some of the displayed information will not update in real time (the exceptions are process information, which updates slowly, and real-time functions such as the struct analyzer, PE properties, running a real-time plugin, etc.).
  • The program also lets the user view the loaded DLLs, open handles and network connections of each process (access to a DLL's properties is also available).
  • To see more information about a process, double-click it (or left-click and select Properties) to bring up an information window.
  • More information can likewise be shown for any PE.
  • The program allows the user to view the files in the memory dump as well as their information. Additionally, it allows the user to extract those files (a hex dump/strings view is also available).
  • The program supports viewing Windows objects and files' metadata (MFT).
  • The program also supports viewing a regview of the memory dump.
  • Additionally, the program supports struct analysis (writing to the memory's structs and running Volatility functions on a struct are available). Example: getting all the loaded modules inside an _EPROCESS struct in another struct analyzer window.
  • The program is also capable of automatically marking suspicious processes found by another plugin. Example: a running threadmap plugin.
  • View the memory use of a process.
  • Manually mark a certain process and add a side note to it.
  • The user's actions can be saved to a separate file for later use.

Get help: https://github.com/memoryforensics1/VolExp/wiki/VolExp-help






via KitPloit
