Helper library to generate DRAKVUF profiles.
Project description
drakpdb
Helper library to generate DRAKVUF profiles.
Installation
pip3 install -r requirements.txt
Example
Generating profile from kernel (with LibVMI)
-
Get PDB name and GUID/Age using
vmi-win-guid# vmi-win-guid name windows7-sp1 Windows Kernel found @ 0x2610000 Version: 64-bit Windows 7 PE GUID: 4ce7951a5ea000 PDB GUID: 3844dbb920174967be7aa4a2c20430fa2 Kernel filename: ntkrnlmp.pdb ... -
Download PDB and parse it to a json profile
python3 drakpdb.py fetch_pdb ntkrnlmp.pdb 3844dbb920174967be7aa4a2c20430fa2 python3 drakpdb.py parse_pdb ntkrnlmp.pdb > ntkrnlmp.json
Generating profile from DLL
- Use symchk.py from moyix/pdbparse to obtain PDB
- Use:
python3 drakpdb.py parse_pdb dllname.pdb > dllname.json
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
drakpdb-0.2.2.tar.gz
(49.6 kB
view details)
Built Distributions
File details
Details for the file drakpdb-0.2.2.tar.gz.
File metadata
- Download URL: drakpdb-0.2.2.tar.gz
- Upload date:
- Size: 49.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7016c48ed84809d1abd7ef6d9ef561a675a404e75fd6ca59beb8805c6b185c8e |
|
| MD5 | 0fa472f3a084f282e15fbf13af0af3ef |
|
| BLAKE2b-256 | ffa3d150f872232ac4ef553e40b7e4c8125e7383407166e6b4b226a3a2cf071f |
File details
Details for the file drakpdb-0.2.2-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 66.9 kB
- Tags: PyPy, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5241945d1ed711b1f645f115e81f2d5772fa08caefa40c83ca46a05b6ed6a9f0 |
|
| MD5 | 1f91e708e5f1386872c00673cbd06c48 |
|
| BLAKE2b-256 | 55b6e2480482f7880d029087314c5b2a22c0880e84c87d8e5d90fb3a4ebc6234 |
File details
Details for the file drakpdb-0.2.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 66.9 kB
- Tags: PyPy, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 787bcc15424562f4761f61224008223a2a5ff45d71981a20d9bb9dc4957da284 |
|
| MD5 | 02f5af55f4c240da3c99ef41c94e7d11 |
|
| BLAKE2b-256 | a3ade5244b82e0eb8a62a7d9d436400af0a936e780b77c15756db91f24f08a0e |
File details
Details for the file drakpdb-0.2.2-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 66.9 kB
- Tags: PyPy, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b27077713ed88b6c1415251453dad708137a5f56f54b1abdbdec9275d9c39f7c |
|
| MD5 | 2a43a1a3dbca8d1db31b9327b07f3a6c |
|
| BLAKE2b-256 | daa7d749f6c44bf362c2b0f0b7536a4003aae6c4ee0de57cb8270661c273a75e |
File details
Details for the file drakpdb-0.2.2-cp312-cp312-musllinux_1_2_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp312-cp312-musllinux_1_2_x86_64.whl
- Upload date:
- Size: 96.1 kB
- Tags: CPython 3.12, musllinux: musl 1.2+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5bdde0faa76cf67beff0713722a02756499eae84a6805cd9e402a42aea71d2a9 |
|
| MD5 | 82008d1955b707e16ae70108716cbf69 |
|
| BLAKE2b-256 | 53edadcd75107fad773e8b15696774fcbd5afe5d3661e27a703c41d8bbe34e91 |
File details
Details for the file drakpdb-0.2.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 95.9 kB
- Tags: CPython 3.12, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0ab4966d75ef522f4a610f3fcbac819609a190ed7ce64c7e52e724b4a6d2f3f7 |
|
| MD5 | 1224d39186bb3eeca59e6be8a0bc5c8e |
|
| BLAKE2b-256 | 9580b9393d9c90cc62fca62b8fc513e470be61d1c6ab87eaf2b8203fc0ef9f30 |
File details
Details for the file drakpdb-0.2.2-cp311-cp311-musllinux_1_2_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp311-cp311-musllinux_1_2_x86_64.whl
- Upload date:
- Size: 96.2 kB
- Tags: CPython 3.11, musllinux: musl 1.2+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 8b034d529f1d890b86b27e55d2c634131ae23043b2df3c694bd5f4ed9d4cdd89 |
|
| MD5 | 0de90eca437ea1f802afcfa976812013 |
|
| BLAKE2b-256 | 678219d7e8ac6e4887c9bbc39095c81e5c4da8aadc8a2c1c243b49d0bc31fea7 |
File details
Details for the file drakpdb-0.2.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 96.0 kB
- Tags: CPython 3.11, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d46e0ff080dca6c113adf365721953af05004b6d7deb485abca50c74443418d1 |
|
| MD5 | c5b24fc63a4c81d03c9a733fab121868 |
|
| BLAKE2b-256 | fbdaadae882bcbbdccfac2540fdecaccf900bb6eca9cd9fd8772a4c95856a665 |
File details
Details for the file drakpdb-0.2.2-cp310-cp310-musllinux_1_2_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp310-cp310-musllinux_1_2_x86_64.whl
- Upload date:
- Size: 96.2 kB
- Tags: CPython 3.10, musllinux: musl 1.2+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4f2d4d0f85fd36d9e606327ebe2c00a13456665a64c85580708782c15fe146d8 |
|
| MD5 | 3968f72445036a8eb47b68f6d87b3390 |
|
| BLAKE2b-256 | d3d548e15a8fc806485496c5039a9b36e16808860c3af6af586ef6304c7eaac9 |
File details
Details for the file drakpdb-0.2.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 95.9 kB
- Tags: CPython 3.10, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 2184354bc569f7dc2420d94b3b0e33606c1917b706ed63832498a621632f1a34 |
|
| MD5 | b380c78455a22c33b65f1cab04f1f71b |
|
| BLAKE2b-256 | cc4de7db30a3f61d6f053483834324916fcedbe7fcf6f65e3a8826a775abb0bf |
File details
Details for the file drakpdb-0.2.2-cp39-cp39-musllinux_1_2_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp39-cp39-musllinux_1_2_x86_64.whl
- Upload date:
- Size: 96.0 kB
- Tags: CPython 3.9, musllinux: musl 1.2+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | cb33b8b5e07e7d4c80f9ac85497cdb4f5e824766115427744e094181d4a2614b |
|
| MD5 | 69e1def5b9c8a028d9944b9e01e8e2ff |
|
| BLAKE2b-256 | 2d591d6a919c5e9d6f003669d48b0c9f904df212885c25cd7f5fbe89ca322d0f |
File details
Details for the file drakpdb-0.2.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 95.8 kB
- Tags: CPython 3.9, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 771a11fb99f12d3087f8c13cae879d0bb2ab162be6c3fe838dd38c64872347cc |
|
| MD5 | ecea21fe54219fd4d7482a041f069645 |
|
| BLAKE2b-256 | 367cea705f3f0969ded2bb7a7f7359fd81eaceff446745663f16ae96bdf9b7a7 |
File details
Details for the file drakpdb-0.2.2-cp38-cp38-musllinux_1_2_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp38-cp38-musllinux_1_2_x86_64.whl
- Upload date:
- Size: 96.1 kB
- Tags: CPython 3.8, musllinux: musl 1.2+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ea276b2a7d0c216f26a4591eb3bb11f380efa342237368c7b83fbf6b1b47c1fc |
|
| MD5 | 89bb4562e42bb03a3c8a4e51c31204da |
|
| BLAKE2b-256 | d941b2ad22946a95749228ea2227b4b7789d7ddd6f4e840760a2c8378150de69 |
File details
Details for the file drakpdb-0.2.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: drakpdb-0.2.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 96.3 kB
- Tags: CPython 3.8, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c73451349c154ce3aa3c013e9da95541240282422eb0d97a0414bb69340dfbf9 |
|
| MD5 | 79efa30f278f056580613292e89b6d22 |
|
| BLAKE2b-256 | 011ac50e1a2aefff19a012367f603763b4fa613f664e6f75b6f821df908720ec |
