def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: # Since we're calling the plugin, make sure we have the plugin's requirements return [requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), # TODO: Convert this to a ListRequirement so that people can filter on sets of ranges requirements.IntRequirement(name = 'address', description = "Process virtual memory address to include " \ "(all other address ranges are excluded). This must be " \ "a base address, not an address within the desired range.", optional = True), requirements.ListRequirement(name = 'pid', description = 'Filter on specific process IDs', element_type = int, optional = True), requirements.PluginRequirement(name = 'pslist', plugin = pslist.PsList, version = (2, 0, 0)), requirements.BooleanRequirement(name = 'dump', description = "Extract listed memory ranges", default = False, optional = True), requirements.IntRequirement(name = 'maxsize', description = "Maximum size for dumped VAD sections " \ "(all the bigger sections will be ignored)", default = cls.MAXSIZE_DEFAULT, optional = True), ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.IntRequirement(name = 'offset', description = "Hive Offset", default = None, optional = True), requirements.PluginRequirement(name = 'hivelist', plugin = hivelist.HiveList, version = (1, 0, 0)) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Kernel module for the OS', architectures = ["Intel32", "Intel64"]), requirements.VersionRequirement(name = 'macutils', component = mac.MacUtilities, version = (1, 0, 0)), requirements.PluginRequirement(name = 'lsmod', plugin = lsmod.Lsmod, version = (2, 0, 0)) ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: # Since we're calling the plugin, make sure we have the plugin's requirements return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.VersionRequirement(name='pslist', component=pslist.PsList, version=(2, 0, 0)), requirements.VersionRequirement(name='info', component=info.Info, version=(1, 0, 0)), requirements.ListRequirement( name='pid', element_type=int, description= "Process IDs to include (all other processes are excluded)", optional=True), requirements.BooleanRequirement(name='dump', description="Extract listed DLLs", default=False, optional=True) ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Kernel module for the OS', architectures=["Intel32", "Intel64"]), ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: # Since we're calling the plugin, make sure we have the plugin's requirements return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.IntRequirement( name='pid', description= "Process ID to include (all other processes are excluded)", optional=True), requirements.IntRequirement( name='virtaddr', description= "Dump a single _FILE_OBJECT at this virtual address", optional=True), requirements.IntRequirement( name='physaddr', description= "Dump a single _FILE_OBJECT at this physical address", optional=True), requirements.VersionRequirement(name='pslist', component=pslist.PsList, version=(2, 0, 0)), requirements.VersionRequirement(name='handles', component=handles.Handles, version=(1, 0, 0)) ]
def get_requirements(cls): return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'ssdt', plugin = ssdt.SSDT, version = (1, 0, 0)), requirements.PluginRequirement(name = 'driverscan', plugin = driverscan.DriverScan, version = (1, 0, 0)), ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.VersionRequirement(name='netscan', component=netscan.NetScan, version=(1, 0, 0)), requirements.VersionRequirement(name='modules', component=modules.Modules, version=(1, 0, 0)), requirements.VersionRequirement(name='pdbutil', component=pdbutil.PDBUtility, version=(1, 0, 0)), requirements.VersionRequirement(name='info', component=info.Info, version=(1, 0, 0)), requirements.VersionRequirement(name='verinfo', component=verinfo.VerInfo, version=(1, 0, 0)), requirements.BooleanRequirement( name='include-corrupt', description= "Radically eases result validation. This will show partially overwritten data. WARNING: the results are likely to include garbage and/or corrupt data. Be cautious!", default=False, optional=True), ]
def get_requirements(cls): return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'poolscanner', plugin = poolscanner.PoolScanner, version = (1, 0, 0)), requirements.PluginRequirement(name = 'bigpools', plugin = bigpools.BigPools, version = (1, 0, 0)), ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='pslist', plugin=pslist.PsList, version=(2, 0, 0)), requirements.VersionRequirement(name='info', component=info.Info, version=(1, 0, 0)), requirements.ListRequirement( name='pid', element_type=int, description= "Process ID to include (all other processes are excluded)", optional=True), requirements.BooleanRequirement( name='dump', description="Extract listed processes", default=False, optional=True), requirements.BooleanRequirement( name='physical', description="Display physical offset instead of virtual", default=False, optional=True) ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement( name='kernel', description='Linux kernel', architectures=["Intel32", "Intel64"]), ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: # Since we're calling the plugin, make sure we have the plugin's requirements return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Linux kernel', architectures = ["Intel32", "Intel64"]), requirements.ListRequirement(name = 'pid', description = 'Filter on specific process IDs', element_type = int, optional = True) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Kernel module for the OS', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'pslist', plugin = pslist.PsList, version = (3, 0, 0)), requirements.ListRequirement(name = 'pid', description = 'Filter on specific process IDs', element_type = int, optional = True) ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Kernel module for the OS', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='mount', plugin=mount.Mount, version=(2, 0, 0)), ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='hivelist', plugin=hivelist.HiveList, version=(1, 0, 0)) ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Kernel module for the OS', architectures=["Intel32", "Intel64"]), requirements.VersionRequirement(name='macutils', component=mac.MacUtilities, version=(1, 0, 0)) ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Kernel module for the OS', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='pslist', plugin=pslist.PsList, version=(3, 0, 0)) ]
def get_requirements(cls): return ([ requirements.ModuleRequirement(name='kernel', description='Windows kernel'), requirements.PluginRequirement(name='pslist', plugin=pslist.PsList, version=(2, 0, 0)), requirements.IntRequirement(name='pid', description="Process ID", optional=True) ])
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Linux kernel', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'pslist', plugin = pslist.PsList, version = (2, 0, 0)), requirements.VersionRequirement(name = 'linuxutils', component = linux.LinuxUtilities, version = (2, 0, 0)), requirements.ListRequirement(name = 'pid', description = 'Filter on specific process IDs', element_type = int, optional = True) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'pslist', plugin = pslist.PsList, version = (2, 0, 0)), requirements.ListRequirement(name = 'pid', element_type = int, description = "Process ID to include (all other processes are excluded)", optional = True), requirements.URIRequirement(name = "strings_file", description = "Strings file") ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='modules', plugin=modules.Modules, version=(1, 0, 0)), ]
def get_requirements(cls): return ([ requirements.ModuleRequirement(name="kernel", description="Darwin kernel module"), requirements.PluginRequirement(name='pslist', plugin=pslist.PsList, version=(3, 0, 0)), requirements.IntRequirement(name='pid', description="Process ID", optional=True) ])
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement( name='kernel', description='Linux kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='lsmod', plugin=lsmod.Lsmod, version=(2, 0, 0)) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: # Since we're calling the plugin, make sure we have the plugin's requirements return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.PluginRequirement(name = 'pslist', plugin = pslist.PsList, version = (2, 0, 0)), requirements.ListRequirement(name = 'pid', element_type = int, description = "Process IDs to include (all other processes are excluded)", optional = True) ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement( name="kernel", description="Windows kernel", architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name="driverscan", plugin=driverscan.DriverScan, version=(1, 0, 0)), ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Linux kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='lsmod', plugin=lsmod.Lsmod, version=(2, 0, 0)), requirements.VersionRequirement(name='linuxutils', component=linux.LinuxUtilities, version=(2, 0, 0)) ]
def get_requirements(cls): return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.VersionRequirement(name='hashdump', component=hashdump.Hashdump, version=(1, 1, 0)), requirements.VersionRequirement(name='hivelist', component=hivelist.HiveList, version=(1, 0, 0)) ]
def get_requirements(cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement(name = 'kernel', description = 'Windows kernel', architectures = ["Intel32", "Intel64"]), requirements.StringRequirement(name = 'filter', description = "String to filter hive names returned", optional = True, default = None), requirements.PluginRequirement(name = 'hivescan', plugin = hivescan.HiveScan, version = (1, 0, 0)), requirements.BooleanRequirement(name = 'dump', description = "Extract listed registry hives", default = False, optional = True) ]
def get_requirements( cls) -> List[interfaces.configuration.RequirementInterface]: return [ requirements.ModuleRequirement( name='kernel', description='Windows kernel', architectures=["Intel32", "Intel64"]), requirements.PluginRequirement(name='ssdt', plugin=ssdt.SSDT, version=(1, 0, 0)), requirements.PluginRequirement(name='svcscan', plugin=svcscan.SvcScan, version=(1, 0, 0)) ]