drakpdb

Helper library to generate DRAKVUF profiles.

Installation

    pip3 install -r requirements.txt

Example

Generating profile from kernel (with LibVMI)

  1. Get PDB name and GUID/Age using vmi-win-guid

    # vmi-win-guid name windows7-sp1
    Windows Kernel found @ 0x2610000
            Version: 64-bit Windows 7
            PE GUID: 4ce7951a5ea000
            PDB GUID: 3844dbb920174967be7aa4a2c20430fa2
            Kernel filename: ntkrnlmp.pdb
            ...
    
  2. Download PDB and parse it to a json profile

    python3 drakpdb.py fetch_pdb ntkrnlmp.pdb 3844dbb920174967be7aa4a2c20430fa2
    python3 drakpdb.py parse_pdb ntkrnlmp.pdb > ntkrnlmp.json
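
The two steps above, tied together as an added example (not part of drakpdb): it parses the `vmi-win-guid` output from step 1 and builds the step 2 command lines. The values are read from the guest's memory, so they are validated before being used as a file name and argument. The helper names, the length limits and the assumption that the PDB GUID field is 32 hex digits followed by the age are this example's own.

```python
import re

# Constructed sample: the vmi-win-guid output shown in step 1.
SAMPLE = """\
Windows Kernel found @ 0x2610000
        Version: 64-bit Windows 7
        PE GUID: 4ce7951a5ea000
        PDB GUID: 3844dbb920174967be7aa4a2c20430fa2
        Kernel filename: ntkrnlmp.pdb
"""

FIELD = re.compile(
    r"^[ \t]*(PDB GUID|Kernel filename):[ \t]*(\S+)[ \t]*$", re.M
)
# Assumption: 32 hex digits of GUID followed by the age (1 to 8 hex digits).
GUID_AGE = re.compile(r"[0-9A-Fa-f]{32}[0-9A-Fa-f]{1,8}")
# Plain file name only: no path separators, no leading dot, ends in .pdb.
PDB_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}\.pdb")


def parse_win_guid(text):
    """Return (pdb_name, guid_age) from vmi-win-guid output, validated."""
    fields = dict(FIELD.findall(text))
    try:
        name, guid_age = fields["Kernel filename"], fields["PDB GUID"]
    except KeyError as missing:
        raise ValueError(f"field not found: {missing}") from None
    if not PDB_NAME.fullmatch(name):
        raise ValueError(f"unsafe PDB file name: {name!r}")
    if not GUID_AGE.fullmatch(guid_age):
        raise ValueError(f"malformed GUID/Age: {guid_age!r}")
    return name, guid_age.lower()


def drakpdb_commands(text, script="drakpdb.py"):
    """Build argv lists for step 2; the caller redirects parse_pdb stdout."""
    name, guid_age = parse_win_guid(text)
    return [
        ["python3", script, "fetch_pdb", name, guid_age],
        ["python3", script, "parse_pdb", name],
    ]


if __name__ == "__main__":
    for argv in drakpdb_commands(SAMPLE):
        print(" ".join(argv))
```

Passing the resulting lists to `subprocess.run` without `shell=True` keeps the parsed values out of shell interpretation.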
    

Generating profile from DLL

  1. Use symchk.py from moyix/pdbparse to obtain PDB
  2. Use:
    python3 drakpdb.py parse_pdb dllname.pdb > dllname.json
    

Download files

Source Distribution

drakpdb-0.2.3.tar.gz (49.9 kB)

Uploaded Source

Built Distributions

drakpdb-0.2.3-pp311-pypy311_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (67.4 kB)

Uploaded PyPy manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (67.4 kB)

Uploaded PyPy manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (67.4 kB)

Uploaded PyPy manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (67.2 kB)

Uploaded PyPy manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp313-cp313-musllinux_1_2_x86_64.whl (96.9 kB)

Uploaded CPython 3.13 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.3 kB)

Uploaded CPython 3.13 manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp312-cp312-musllinux_1_2_x86_64.whl (96.9 kB)

Uploaded CPython 3.12 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.4 kB)

Uploaded CPython 3.12 manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp311-cp311-musllinux_1_2_x86_64.whl (96.9 kB)

Uploaded CPython 3.11 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.4 kB)

Uploaded CPython 3.11 manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp310-cp310-musllinux_1_2_x86_64.whl (96.9 kB)

Uploaded CPython 3.10 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.4 kB)

Uploaded CPython 3.10 manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp39-cp39-musllinux_1_2_x86_64.whl (96.7 kB)

Uploaded CPython 3.9 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.3 kB)

Uploaded CPython 3.9 manylinux: glibc 2.17+ x86-64

drakpdb-0.2.3-cp38-cp38-musllinux_1_2_x86_64.whl (96.6 kB)

Uploaded CPython 3.8 musllinux: musl 1.2+ x86-64

drakpdb-0.2.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.6 kB)

Uploaded CPython 3.8 manylinux: glibc 2.17+ x86-64

File details

Details for the file drakpdb-0.2.3.tar.gz.

File metadata

  • Download URL: drakpdb-0.2.3.tar.gz
  • Upload date:
  • Size: 49.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for drakpdb-0.2.3.tar.gz
Algorithm Hash digest
SHA256 fc5e09d11f4ed8515c0185f389527e685e1e8f062178170c2ff8ccc29fa6fcef
MD5 7bca1e5dcea57b116aa84481fbe1fdd3
BLAKE2b-256 3eb969c5ba52e79471abbeacae4a62c0980e0ad422871f6aedff6abcf0b56664
