Project description

drakpdb

Helper library to generate DRAKVUF profiles.

Installation

pip3 install -r requirements.txt

Example

Generating profile from kernel (with LibVMI)

  1. Get PDB name and GUID/Age using vmi-win-guid

    # vmi-win-guid name windows7-sp1
    Windows Kernel found @ 0x2610000
            Version: 64-bit Windows 7
            PE GUID: 4ce7951a5ea000
            PDB GUID: 3844dbb920174967be7aa4a2c20430fa2
            Kernel filename: ntkrnlmp.pdb
            ...
    
  2. Download the PDB and parse it into a JSON profile

    python3 drakpdb.py fetch_pdb ntkrnlmp.pdb 3844dbb920174967be7aa4a2c20430fa2
    python3 drakpdb.py parse_pdb ntkrnlmp.pdb > ntkrnlmp.json
    
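The two kernel steps above hand values from `vmi-win-guid` output to `drakpdb.py`. The following is an added example (not part of drakpdb or the README) that parses that output, checks the GUID/Age and PDB filename look well-formed before they reach a command line, and builds the two commands from the README. The symbol-server URL layout is the conventional Microsoft one and is an assumption; the page does not say where `fetch_pdb` downloads from.

```python
import re
import shlex
from dataclasses import dataclass

# Constructed sample: the vmi-win-guid output quoted in the README.
SAMPLE_OUTPUT = """\
Windows Kernel found @ 0x2610000
        Version: 64-bit Windows 7
        PE GUID: 4ce7951a5ea000
        PDB GUID: 3844dbb920174967be7aa4a2c20430fa2
        Kernel filename: ntkrnlmp.pdb
"""

# GUID/Age as printed: 32 hex digits for the GUID, then the PDB age in hex.
GUID_AGE_RE = re.compile(r"^[0-9a-fA-F]{32}[0-9a-fA-F]{1,8}$")
PDB_NAME_RE = re.compile(r"^[A-Za-z0-9_.-]+\.pdb$")


@dataclass(frozen=True)
class KernelPdbInfo:
    pdb_name: str
    guid_age: str

    def symbol_server_url(self) -> str:
        # Conventional Microsoft symbol-server layout (assumption: the README does
        # not state where fetch_pdb downloads from; this is where such PDBs live).
        base = "https://msdl.microsoft.com/download/symbols"
        return f"{base}/{self.pdb_name}/{self.guid_age}/{self.pdb_name}"

    def drakpdb_commands(self) -> list[str]:
        # The two README steps, with values shell-quoted so a stray character in
        # tool output cannot alter the command line.
        json_name = self.pdb_name[:-4] + ".json"
        return [
            f"python3 drakpdb.py fetch_pdb {shlex.quote(self.pdb_name)} {shlex.quote(self.guid_age)}",
            f"python3 drakpdb.py parse_pdb {shlex.quote(self.pdb_name)} > {shlex.quote(json_name)}",
        ]


def parse_vmi_win_guid(text: str) -> KernelPdbInfo:
    """Extract PDB GUID/Age and kernel PDB filename; reject malformed values."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    guid_age = fields.get("PDB GUID", "")
    pdb_name = fields.get("Kernel filename", "")
    if not GUID_AGE_RE.match(guid_age) or not PDB_NAME_RE.match(pdb_name):
        raise ValueError(f"unexpected vmi-win-guid fields: {guid_age!r}, {pdb_name!r}")
    return KernelPdbInfo(pdb_name=pdb_name, guid_age=guid_age.lower())
```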

Generating profile from DLL

  1. Use symchk.py from moyix/pdbparse to obtain the PDB
  2. Use:
    python3 drakpdb.py parse_pdb dllname.pdb > dllname.json
    

Download files

Download the file for your platform.

Source Distribution

  • drakpdb-0.2.1.tar.gz (49.5 kB): Source

Built Distributions

  • drakpdb-0.2.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (66.9 kB): PyPy, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (66.9 kB): PyPy, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (66.9 kB): PyPy, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-cp312-cp312-musllinux_1_2_x86_64.whl (96.1 kB): CPython 3.12, musllinux: musl 1.2+ x86-64
  • drakpdb-0.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (95.9 kB): CPython 3.12, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-cp311-cp311-musllinux_1_2_x86_64.whl (96.2 kB): CPython 3.11, musllinux: musl 1.2+ x86-64
  • drakpdb-0.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (95.9 kB): CPython 3.11, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-cp310-cp310-musllinux_1_2_x86_64.whl (96.2 kB): CPython 3.10, musllinux: musl 1.2+ x86-64
  • drakpdb-0.2.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (95.9 kB): CPython 3.10, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-cp39-cp39-musllinux_1_2_x86_64.whl (96.0 kB): CPython 3.9, musllinux: musl 1.2+ x86-64
  • drakpdb-0.2.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (95.8 kB): CPython 3.9, manylinux: glibc 2.17+ x86-64
  • drakpdb-0.2.1-cp38-cp38-musllinux_1_2_x86_64.whl (96.1 kB): CPython 3.8, musllinux: musl 1.2+ x86-64
  • drakpdb-0.2.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (96.3 kB): CPython 3.8, manylinux: glibc 2.17+ x86-64

File details

Details for the file drakpdb-0.2.1.tar.gz.

File metadata

  • Download URL: drakpdb-0.2.1.tar.gz
  • Size: 49.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.12.4
