haystack

Search C Structures in a process' memory

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 5 - Production/Stable
Environment
- Console
Intended Audience
- Developers
License
- OSI Approved :: GNU General Public License (GPL)
Programming Language
- Python
Topic
- Security
- System :: Networking

Project description

HOWTO:
------

>>> import haystack
>>> haystack.findStruct( pid , 'ctypes.c_int')
>>> haystack.findStruct( pid , 'ctypes_example.big_struct')

It's easy to add new structures (check ctypeslib or do it by hand )

not so FAQ :
============

What does it do ?:
------------------
The basic functionnality is to search in a process' memory maps for a specific C Structures.

How do it knows that the structures is valid ? :
------------------------------------------------
You add some constraints ( expectedValues ) on the fields. Pointers are also a good start.

Where does the idea comes from ? :
-----------------------------------
use http://www.hsc.fr/ressources/breves/passe-partout.html.fr to get keys
use http://pauldotcom.com/2010/10/tsharkwireshark-ssl-decryption.html
or http://www.rtfm.com/ssldump/ to read streams
use scapy, because it's fun ? but we need IP reassembly .
pynids could be more useful...
dsniff is now in python ?
flowgrep
use python.

What are the dependencies ? :
----------------------------
python-ptrace

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 5 - Production/Stable
Environment
- Console
Intended Audience
- Developers
License
- OSI Approved :: GNU General Public License (GPL)
Programming Language
- Python
Topic
- Security
- System :: Networking

Release history Release notifications | RSS feed

0.42

Jul 3, 2017

0.41

Jun 16, 2017

0.40

Jun 8, 2017

0.36

Mar 16, 2016

0.35

Mar 15, 2016

0.34

Mar 5, 2016

0.33

Jan 26, 2016

0.32

Jan 25, 2016

0.31

Nov 5, 2015

0.30

Oct 29, 2015

0.29

Oct 8, 2015

0.28

Oct 8, 2015

0.27

Sep 23, 2015

0.26

Sep 11, 2015

0.25

Sep 11, 2015

0.24

Sep 10, 2015

0.23

Sep 10, 2015

0.22

Sep 10, 2015

0.21

Sep 10, 2015

0.20

Sep 10, 2015

0.17

Jun 18, 2012

0.16

Apr 5, 2012

0.15

Feb 19, 2012

0.13

Aug 29, 2011

0.12

Aug 24, 2011

0.11

Aug 22, 2011

0.10

Aug 16, 2011

0.9

Jul 29, 2011

0.8

Jul 8, 2011

0.7

May 7, 2011

0.6

Apr 14, 2011

0.5

Apr 8, 2011

0.4

Apr 1, 2011

0.3

Mar 30, 2011

This version

0.2

Mar 29, 2011

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

haystack-0.2.tar.gz (14.2 kB view hashes)

Uploaded Mar 29, 2011 Source

Hashes for haystack-0.2.tar.gz

Hashes for haystack-0.2.tar.gz
Algorithm	Hash digest
SHA256	`ff35bbabf3374ee262209abbd72dae82e2fae7f6cf2b02a5c7906b4eeb2f07cb`
MD5	`7071b11a246fde19f652d21449924c7d`
BLAKE2b-256	`2c3cc35a7ea088cefdff6982bb48ec666e4d38306815e25d49ed151e50f669ce`