Analysis plugins for OSWatcher — extract and analyze OS artifacts into Neo4j

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Wenzel from gravatar.com Wenzel

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Mathieu Tarral
  • Requires: Python <4.0, >=3.11
Classifiers
Report project as malware

Project description

OSWatcher Plugins

Analysis plugins for OSWatcher — extract and analyze operating system artifacts (filesystem, registry, PDB symbols, syscalls) and store them as a queryable graph in Neo4j.

Installation

pip install oswatcher-plugins

Plugins

Plugin Description
FileTypePlugin Identifies file types within OS filesystem snapshots
SymbolsPlugin Extracts PDB symbols and struct layouts from PE binaries
WinRegistryPlugin Parses and inserts Windows registry hives
SyscallsPlugin Extracts Windows/Linux syscall tables
LinuxSymbolsPlugin Extracts Linux kernel debug symbols

Usage

Plugins are run via the runner CLI against a neogit branch:

runner <plugin_name> <branch_name>
# example:
runner symbols Windows_10_21H2

Requirements

  • Python 3.11+
  • A running Neo4j instance (configured via neogit settings)
  • neogit — the underlying graph storage library

Documentation

License

Apache 2.0 — see LICENSE.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Wenzel from gravatar.com Wenzel

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Mathieu Tarral
  • Requires: Python <4.0, >=3.11
Classifiers

Release history Release notifications | RSS feed

0.14.1

This version

0.14.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oswatcher_plugins-0.14.0.tar.gz (30.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

oswatcher_plugins-0.14.0-py3-none-any.whl (38.2 kB view details)

Uploaded Python 3

File details

Details for the file oswatcher_plugins-0.14.0.tar.gz.

File metadata

  • Download URL: oswatcher_plugins-0.14.0.tar.gz
  • Upload date:
  • Size: 30.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.11.15 Linux/6.17.0-1015-azure

File hashes

Hashes for oswatcher_plugins-0.14.0.tar.gz
Algorithm Hash digest
SHA256 d76f5e5f572f35cf1832b04762402f7643fd572697919d671d2e0c1157242905
MD5 658ec88e3964dfb9c4f9d68736ffc156
BLAKE2b-256 9fadf6afa0f533d4aaacd74b6922463ce4b977ac36934b5d256d2d8e693cd3d6

See more details on using hashes here.

File details

Details for the file oswatcher_plugins-0.14.0-py3-none-any.whl.

File metadata

  • Download URL: oswatcher_plugins-0.14.0-py3-none-any.whl
  • Upload date:
  • Size: 38.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.11.15 Linux/6.17.0-1015-azure

File hashes

Hashes for oswatcher_plugins-0.14.0-py3-none-any.whl
Algorithm Hash digest
SHA256 162b7b5a39473dcac384221b8df27e0e929e20e4bf6317b9252b234a50d6e7fc
MD5 60ac153a418b0e1d9d3516507b95a3f6
BLAKE2b-256 e7e79b2dd5719a89761612a7eb26d4f4b03d927352b669d998967e9e9a593c54

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page