Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 16:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
74 Commits 2 Branches 0 Tags
eeefd835fe941c00615a1a20a62fae8591eecd1c
Commit Graph

19 Commits

Author SHA1 Message Date
Maxime Meignan eeefd835fe Refactored the extraction script for easier integration of new images/symbols 2023-11-29 14:28:17 +01:00
Maxime Meignan b1321850c1 ExtractOffsets.py: detect invalid PDB 2023-11-03 15:57:35 +01:00
Maxime Meignan 43b159e2b1 ExtractOffsets.py: handle new offsets & duplicate PEs on MS servers 2023-11-03 15:57:10 +01:00
Maxime Meignan 09dc67bc65 v1.0 of the pypdb parser: completely removed the radare2 dependency 2023-10-31 17:06:20 +01:00
Maxime Meignan d38b84d179 starting removing the PE parsing in ExtractOffsets.py to get rid of r2 2023-10-27 16:18:42 +02:00
Maxime Meignan 9939301140 ExtractOffsets.py: added safety check in version number recovery 2023-10-06 11:46:25 +02:00
Maxime Meignan a49f69b122 ExtractOffsets.py: adds an optionnal control on number of threads 2023-10-06 11:46:25 +02:00
Maxime Meignan 5f82ba2efe ExtractOffsets.py: minor syntactic, cosmetic and safety changes 2023-10-06 10:31:26 +02:00
Maxime Meignan 75b0168045 Merge branch 'master' into g_CiOptionExtract 2023-10-06 10:24:05 +02:00
laxa a561976b5d Fix version parsing issue in offsets extractor 
Now finding version information in the nested json file to prevent some
crashes and potentially retrieving more ntoskrnl.exe files
 2023-10-05 15:11:16 +02:00
laxa 45d3ff5486 Fix concurrency issues in offsets extractor 
Fixes the following:
* The progress not showing correctly when downloading and processing files.
    I had to remove some verbose information to avoid the progress being rewritten
* Introducing locks when downloading files to prevent any race when printing
 2023-10-05 14:34:58 +02:00
Maxime Meignan bafddfbced Fixed a radare2 version parsing error in extractoffsets.py 2023-04-17 16:07:09 +02:00
Viking 5f2734a888 Add g_CiOptions offset extract "feature" 
Here is an example :  
ExtractOffsets.py ci -i C:\Windows\System32\ci.dll
 2022-12-06 18:13:53 +01:00
Qazeer 48a75a7029 D3FC0N 30 release: Obj callbacks, firewalling, symbols w/ internet, and more 
Co-authored-by: Maxime Meignan <maxime.meignan@wavestone.com>
 2022-08-13 09:23:48 -07:00
Qazeer 744754ae04 Fixes typos in ExtractOffsets script 2022-01-17 23:51:05 +01:00
Maxime Meignan d29986ab80 Improved error verbosity 2022-01-17 17:19:21 +01:00
zeroNounours 10c04a9174 Rather use r2 to get file version than pefile 2021-12-08 13:55:16 +01:00
zeroNounours 82704114b3 Make ExtractOffsets.py compatible with Linux 2021-12-08 13:43:29 +01:00
Maxime Meignan 4bff81986b Initial commit for public version 
Co-authored-by: Thomas Diot <thomas.diot@wavestone.com>
 2021-11-08 09:54:05 +01:00