Analysis plugins for OSWatcher — extract and analyze OS artifacts into Neo4j

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Wenzel from gravatar.com Wenzel

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Mathieu Tarral
  • Requires: Python <4.0, >=3.11
Classifiers
Report project as malware

Project description

OSWatcher Plugins

Analysis plugins for OSWatcher — extract and analyze operating system artifacts (filesystem, registry, PDB symbols, syscalls) and store them as a queryable graph in Neo4j.

Installation

pip install oswatcher-plugins

Plugins

Plugin Description
FileTypePlugin Identifies file types within OS filesystem snapshots
SymbolsPlugin Extracts PDB symbols and struct layouts from PE binaries
WinRegistryPlugin Parses and inserts Windows registry hives
SyscallsPlugin Extracts Windows/Linux syscall tables
LinuxSymbolsPlugin Extracts Linux kernel debug symbols

Usage

Plugins are run via the runner CLI against a neogit branch:

runner <plugin_name> <branch_name>
# example:
runner symbols Windows_10_21H2

Requirements

  • Python 3.11+
  • A running Neo4j instance (configured via neogit settings)
  • neogit — the underlying graph storage library

Documentation

License

Apache 2.0 — see LICENSE.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Wenzel from gravatar.com Wenzel

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Mathieu Tarral
  • Requires: Python <4.0, >=3.11
Classifiers

Release history Release notifications | RSS feed

This version

0.14.1

0.14.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oswatcher_plugins-0.14.1.tar.gz (30.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

oswatcher_plugins-0.14.1-py3-none-any.whl (39.4 kB view details)

Uploaded Python 3

File details

Details for the file oswatcher_plugins-0.14.1.tar.gz.

File metadata

  • Download URL: oswatcher_plugins-0.14.1.tar.gz
  • Upload date:
  • Size: 30.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.11.15 Linux/6.17.0-1018-azure

File hashes

Hashes for oswatcher_plugins-0.14.1.tar.gz
Algorithm Hash digest
SHA256 4aca9963f5e786fb408379d8e65e76cd2dd5bed2564aea5de7d384e5ececb97b
MD5 b76159064416f057cba998ec70570551
BLAKE2b-256 37e3876a94647bd9d9906628047b1a326ca47a56c1411e27aea5e03b9f82bb4e

See more details on using hashes here.

File details

Details for the file oswatcher_plugins-0.14.1-py3-none-any.whl.

File metadata

  • Download URL: oswatcher_plugins-0.14.1-py3-none-any.whl
  • Upload date:
  • Size: 39.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.11.15 Linux/6.17.0-1018-azure

File hashes

Hashes for oswatcher_plugins-0.14.1-py3-none-any.whl
Algorithm Hash digest
SHA256 f41c4afa04df9370a168a1050818cc146bb1c1fb98a7990390a293aad151a35a
MD5 aa782eb1fb0aae57533c7a2dcaca8fd2
BLAKE2b-256 93e5b976345b49d3ace7396010b5fa5fc9d8cef3d5aa0d1ae2f7d2c2340a321c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page