PyShadow - ShadowCopy Anaylze Tool
Project description
Python ShadowCopy Analyzer for Cyber Security Researchers!
Medium Link for Developers
Installation
PyPi : PyShadowCopy
Example Code
# List all ShadowCopy
'''
Example Result
ID : {e9a894be-dae7-49cb-9196-b5a22148210b}
Creation Date : 6.11.2022 19:58:20
Shadow Copy Location : \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7
'''
list = ReShadowCode.VSS_ListShadows()
for shadowlist in list:
print("ID : " + shadowlist["id"] + "\nCreation Date : " + shadowlist["creation_time"] + "\nShadow Copy Location : " + shadowlist["shadowcopy"] + "\n")
#Create a ShadowCopy
ReShadowCode.VSS_Create()
#Create a pipe/symlink with ShadowCopy() (Ex. \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopyid)
ReShadowCode.VSS_Create_Pipe("C:\\Shadow1", "id")
#Get file list from ShadowCopy
'''
Example Result
Ali
Ali Can Gönüllü
Ali_000_vcRuntimeMinimum_x64.log
Ali_000_vcRuntimeMinimum_x86.log
Ali_001_vcRuntimeAdditional_x64.log
Ali_001_vcRuntimeAdditional_x86.log
All Users
Default
Default User
desktop.ini
Public
TEMP
'''
list = ReShadowCode.VSS_Get_FileList("C:\\Shadow1\\Users")
for files in list:
print(files)
Images
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
reshadow-0.0.21.tar.gz
(15.9 kB
view details)
File details
Details for the file reshadow-0.0.21.tar.gz.
File metadata
- Download URL: reshadow-0.0.21.tar.gz
- Upload date:
- Size: 15.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e0ad1d0c9ca48f32793abc7ccaffa1bcdf40a9d7bab35b2729e35a3128461871 |
|
| MD5 | 2ffab7fd5517e2b1ea30f81b9a41e118 |
|
| BLAKE2b-256 | 8e02d58fd9bbd3d62d784cd8b2e7763f188dcb6d24515aa2c6fcf28c6b84950e |
