volatility
objection
| | volatility | objection |
|---|---|---|
| Mentions | 18 | 17 |
| Stars | 6,859 | 6,909 |
| Growth | 1.4% | 2.2% |
| Activity | 0.0 | 3.9 |
| Latest commit | 10 months ago | about 2 months ago |
| Language | Python | Python |
| License | GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
volatility
- What is the appropriate uncompressed kernel ELF to use with dwarf2json? [ 5.19.0-42-generic #43~22.04.1-Ubuntu ], in order to generate a custom symbols table to conduct Linux memory forensics on Ubuntu 22.04?
I need this to generate a custom symbols table (using dwarf2json), in order to run a memory dump acquired from Ubuntu 22.04, as the Ubuntu 22.04 kernel does not work anymore with Volatility 2 (issue here: volatilityfoundation/volatility#828)
- How to inspect a Linux machine
Analyzing memory dumps can be hard, especially at the beginning. You might want to use comprehensive frameworks like Volatility.
- PChunter equivalent on Linux?
volatility - Version 2, Version 3
- Awesome CTF: Top Learning Resource Labs
Volatility - To investigate memory dumps.
- Cannot process recent Windows 10 memory dumps in Volatility
https://github.com/volatilityfoundation/volatility/wiki/2.6-Win-Profiles#profile-lists
objection
- apk.sh, make reverse engineering Android apps easier!
- Prerequisites for reverse engineering?
- Mitmproxy 8
This is true, by default Android apps do not trust user-installed certificate authorities. IMO the easiest solution if you're doing security testing on a dedicated device is MagiskTrustUserCerts[1]. If you're not testing on a dedicated device or you don't want to root the device, I'd recommend using the objection[2] tool which has a guided mode for patching an apk, and you can modify the manifest to add your CA or to trust all user-installed CAs.
[1]: https://github.com/NVISOsecurity/MagiskTrustUserCerts
[2]: https://github.com/sensepost/objection/wiki/Patching-Android...
- Is this networking knowledge enough?
Then use runtime tools like Runtime Mobile Security, Grapefruit, and Objection to see stuff in action, and practice Frida along with them, as these tools usually support loading custom Frida scripts.
- Awesome CTF: Top Learning Resource Labs
Objection - Runtime Mobile Exploration.
What are some alternatives?
frida - Clone this repo to build Frida
drozer - The Leading Security Assessment Framework for Android.
Free-RASP-Community - SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.
shellbags - Cross-platform, open-source shellbag parser
binwalk - Firmware Analysis Tool [Moved to: https://github.com/ReFirmLabs/binwalk]
awesome-frida - Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
Apktool - A tool for reverse engineering Android apk files
volatility3 - Volatility 3.0 development
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
MalConfScan - Volatility plugin for extracting configuration data of known malware
picoCTF - The platform used to run picoCTF 2019.
hack-the-arch - Welcome to HackTheArch! A free open source scoring server for cyber Capture the Flag competitions!