PyShadow - ShadowCopy Anaylze Tool
Project description
Python ShadowCopy Analyzer for Cyber Security Researchers!
Medium Link for Developers
Installation
PyPi : PyShadowCopy
Example Code
# List all ShadowCopy ''' Example Result ID : {e9a894be-dae7-49cb-9196-b5a22148210b} Creation Date : 6.11.2022 19:58:20 Shadow Copy Location : \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 ''' list = ReShadowCode.VSS_ListShadows() for shadowlist in list: print("ID : " + shadowlist["id"] + "\nCreation Date : " + shadowlist["creation_time"] + "\nShadow Copy Location : " + shadowlist["shadowcopy"] + "\n") #Create a ShadowCopy ReShadowCode.VSS_Create() #Create a pipe/symlink with ShadowCopy() (Ex. \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopyid) ReShadowCode.VSS_Create_Pipe("C:\\Shadow1", "id") #Get file list from ShadowCopy ''' Example Result Ali Ali Can Gönüllü Ali_000_vcRuntimeMinimum_x64.log Ali_000_vcRuntimeMinimum_x86.log Ali_001_vcRuntimeAdditional_x64.log Ali_001_vcRuntimeAdditional_x86.log All Users Default Default User desktop.ini Public TEMP ''' list = ReShadowCode.VSS_Get_FileList("C:\\Shadow1\\Users") for files in list: print(files)
Images
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
reshadow-0.0.21.tar.gz
(15.9 kB
view hashes)