[Forensics-changes] [volatility] branch debian updated (f875c53 -> 6984c55)
Joao Eriberto Mota Filho
eriberto at moszumanska.debian.org
Sun Nov 22 17:18:18 UTC 2015
This is an automated email from the git hooks/post-receive script.
eriberto pushed a change to branch debian
in repository volatility.
from f875c53 Imported Debian patch 2.4.1-2
adds 0b4678c Upstream 2.4.1.
new c39b324 Imported Upstream version 2.5
new 6984c55 Imported Debian patch 2.5-1
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitignore | 3 +
AUTHORS.txt | 11 +-
CREDITS.txt | 19 +-
README.txt | 67 +-
contrib/{plugins/aspaces => }/__init__.py | 0
contrib/library_example/libapi.py | 41 +
contrib/library_example/pslist_json.py | 46 +
contrib/plugins/{aspaces => }/__init__.py | 0
contrib/plugins/{aspaces => malware}/__init__.py | 0
debian/changelog | 19 +
debian/clean | 1 -
debian/control | 41 +-
debian/copyright | 81 +-
debian/gbp.conf | 3 -
debian/manpage/genallman.sh | 13 +-
debian/manpage/volatility.1 | 290 +-
debian/manpage/volatility.header | 2 +-
debian/manpage/volatility.txt | 394 +-
debian/source/options | 2 -
debian/volatility.docs | 2 +
pyinstaller/hook-openpyxl.py | 19 +
pyinstaller/hook-yara.py | 8 +
setup.py | 3 +-
tools/linux/Makefile.enterprise | 15 +
tools/linux/kcore/elf.h | 4 +-
tools/linux/module.c | 16 +-
tools/mac/generate_profile_list.py | 103 +
tools/windows/parsesummary.py | 68 +
volatility/addrspace.py | 2 +-
volatility/commands.py | 143 +-
volatility/constants.py | 2 +-
volatility/debug.py | 2 +-
volatility/fmtspec.py | 5 +-
volatility/obj.py | 3 +-
volatility/plugins/addrspaces/amd64.py | 9 +-
volatility/plugins/addrspaces/arm.py | 2 +
volatility/plugins/addrspaces/crashbmp.py | 10 +-
volatility/plugins/addrspaces/intel.py | 9 +-
volatility/plugins/addrspaces/vmem.py | 4 +-
volatility/plugins/bigpagepools.py | 40 +-
volatility/plugins/bioskbd.py | 13 +
volatility/plugins/cmdline.py | 18 +-
volatility/plugins/connections.py | 20 +
volatility/plugins/connscan.py | 17 +-
volatility/plugins/crashinfo.py | 64 +-
volatility/plugins/dlldump.py | 33 +-
volatility/plugins/drivermodule.py | 34 +-
volatility/plugins/dumpcerts.py | 84 +-
volatility/plugins/dumpfiles.py | 144 +-
volatility/plugins/envars.py | 27 +-
volatility/plugins/evtlogs.py | 33 +-
volatility/plugins/filescan.py | 211 +-
volatility/plugins/getservicesids.py | 12 +
volatility/plugins/getsids.py | 94 +-
volatility/plugins/gui/atoms.py | 93 +-
volatility/plugins/gui/clipboard.py | 48 +
volatility/plugins/gui/desktops.py | 53 +-
volatility/plugins/gui/editbox.py | 473 ++
volatility/plugins/gui/gahti.py | 47 +-
.../plugins/gui/vtypes/win7_sp0_x64_vtypes_gui.py | 8 +-
.../plugins/gui/vtypes/win7_sp1_x64_vtypes_gui.py | 8 +-
volatility/plugins/gui/vtypes/xp.py | 2 +-
volatility/plugins/gui/win32k_core.py | 30 +
volatility/plugins/handles.py | 46 +-
volatility/plugins/heaps.py | 3 +-
volatility/plugins/iehistory.py | 61 +-
volatility/plugins/imagecopy.py | 40 +-
volatility/plugins/imageinfo.py | 43 +-
volatility/plugins/joblinks.py | 64 +-
volatility/plugins/kdbgscan.py | 20 +-
volatility/plugins/linux/apihooks.py | 35 +-
volatility/plugins/linux/arp.py | 11 +-
volatility/plugins/linux/bash.py | 18 +-
volatility/plugins/linux/bash_hash.py | 43 +-
volatility/plugins/linux/check_creds.py | 24 +-
volatility/plugins/linux/check_fops.py | 14 +-
volatility/plugins/linux/check_idt.py | 55 +-
volatility/plugins/linux/check_inline_kernel.py | 18 +-
volatility/plugins/linux/check_modules.py | 13 +-
volatility/plugins/linux/check_syscall.py | 15 +-
volatility/plugins/linux/check_syscall_arm.py | 18 +
volatility/plugins/linux/common.py | 14 +-
volatility/plugins/linux/cpuinfo.py | 13 +-
volatility/plugins/linux/elfs.py | 20 +-
volatility/plugins/linux/enumerate_files.py | 24 +-
volatility/plugins/linux/find_file.py | 10 +-
volatility/plugins/linux/hidden_modules.py | 18 +-
volatility/plugins/linux/ifconfig.py | 14 +-
volatility/plugins/linux/info_regs.py | 29 +-
volatility/plugins/linux/kernel_opened_files.py | 38 +-
.../plugins/linux/{libc_env.py => ld_env.py} | 13 +-
volatility/plugins/linux/ldrmodules.py | 24 +-
volatility/plugins/linux/libc_env.py | 5 +-
volatility/plugins/linux/library_list.py | 16 +-
volatility/plugins/linux/librarydump.py | 2 +-
volatility/plugins/linux/linux_strings.py | 3 +-
volatility/plugins/linux/list_raw.py | 17 +-
volatility/plugins/linux/lsof.py | 29 +-
volatility/plugins/linux/mount.py | 60 +-
volatility/plugins/linux/mount_cache.py | 26 +-
.../plugins/linux/{netfiler.py => netfilter.py} | 14 +-
volatility/plugins/linux/netscan.py | 129 +
volatility/plugins/linux/pidhashtable.py | 51 +-
volatility/plugins/linux/proc_maps.py | 43 +-
volatility/plugins/linux/procdump.py | 56 +-
volatility/plugins/linux/process_info.py | 2 +-
volatility/plugins/linux/process_stack.py | 2 +-
volatility/plugins/linux/psaux.py | 14 +-
volatility/plugins/linux/psenv.py | 12 +-
volatility/plugins/linux/pslist.py | 54 +-
volatility/plugins/linux/pstree.py | 72 +-
volatility/plugins/linux/psxview.py | 32 +-
volatility/plugins/linux/threads.py | 55 +-
volatility/plugins/linux/tmpfs.py | 2 +-
volatility/plugins/mac/WKdm.py | 562 ++
volatility/plugins/mac/adiummsgs.py | 30 +-
volatility/plugins/mac/apihooks.py | 46 +-
volatility/plugins/mac/apihooks_kernel.py | 55 +-
volatility/plugins/mac/bash.py | 106 +-
volatility/plugins/mac/bash_env.py | 102 +-
volatility/plugins/mac/bash_hash.py | 139 +-
volatility/plugins/mac/calendar.py | 30 +-
volatility/plugins/mac/check_mig_table.py | 18 +-
volatility/plugins/mac/check_syscall_shadow.py | 17 +-
volatility/plugins/mac/check_syscall_table.py | 33 +-
volatility/plugins/mac/check_sysctl.py | 27 +-
volatility/plugins/mac/check_trap_table.py | 20 +-
volatility/plugins/mac/common.py | 99 +
volatility/plugins/mac/compressed_swap.py | 208 +
volatility/plugins/mac/contacts.py | 20 +-
volatility/plugins/mac/dlyd_maps.py | 25 +-
volatility/plugins/mac/dump_map.py | 324 +-
volatility/plugins/mac/get_profile.py | 158 +
volatility/plugins/mac/gkextmap.py | 46 +-
volatility/plugins/mac/ifconfig.py | 21 +-
volatility/plugins/mac/ip_filters.py | 27 +-
volatility/plugins/mac/keychaindump.py | 15 +-
volatility/plugins/mac/ldrmodules.py | 34 +-
volatility/plugins/mac/librarydump.py | 47 +-
volatility/plugins/mac/list_files.py | 50 +-
volatility/plugins/mac/list_kauth_listeners.py | 87 +
volatility/plugins/mac/list_kauth_scopes.py | 97 +
volatility/plugins/mac/list_raw.py | 96 +
volatility/plugins/mac/list_zones.py | 29 +-
volatility/plugins/mac/lsmod.py | 23 +-
volatility/plugins/mac/lsmod_iokit.py | 48 +-
volatility/plugins/mac/lsof.py | 47 +-
volatility/plugins/mac/mac_strings.py | 5 +-
volatility/plugins/mac/mac_yarascan.py | 17 +-
volatility/plugins/mac/malfind.py | 26 +-
volatility/plugins/mac/moddump.py | 29 +-
volatility/plugins/mac/mount.py | 17 +
volatility/plugins/mac/netconns.py | 25 +-
volatility/plugins/mac/netstat.py | 70 +-
volatility/plugins/mac/notesapp.py | 34 +-
volatility/plugins/mac/notifiers.py | 40 +-
volatility/plugins/mac/orphan_threads.py | 138 +
volatility/plugins/mac/pid_hash_table.py | 4 +-
volatility/plugins/mac/print_boot_cmdline.py | 10 +
volatility/plugins/mac/proc_maps.py | 29 +-
volatility/plugins/mac/procdump.py | 82 +-
volatility/plugins/mac/psaux.py | 24 +
volatility/plugins/mac/{psaux.py => psenv.py} | 29 +-
volatility/plugins/mac/pslist.py | 48 +-
volatility/plugins/mac/psxview.py | 32 +-
volatility/plugins/mac/recover_filesystem.py | 8 +-
volatility/plugins/mac/route.py | 27 +-
volatility/plugins/mac/session_hash_table.py | 27 +-
volatility/plugins/mac/socket_filters.py | 32 +-
volatility/plugins/mac/threads.py | 446 ++
volatility/plugins/mac/threads_simple.py | 98 +
volatility/plugins/mac/trustedbsd.py | 27 +-
volatility/plugins/malware/apihooks.py | 67 +-
volatility/plugins/malware/callbacks.py | 51 +-
volatility/plugins/malware/cmdhistory.py | 236 +-
volatility/plugins/malware/idt.py | 83 +
volatility/plugins/malware/impscan.py | 40 +-
volatility/plugins/malware/malfind.py | 286 +-
volatility/plugins/malware/psxview.py | 174 +-
volatility/plugins/malware/servicediff.py | 178 +
volatility/plugins/malware/svcscan.py | 94 +-
volatility/plugins/malware/timers.py | 28 +
volatility/plugins/mbrparser.py | 106 +
volatility/plugins/mftparser.py | 325 +-
volatility/plugins/moddump.py | 29 +-
volatility/plugins/modscan.py | 55 +-
volatility/plugins/modules.py | 47 +-
volatility/plugins/multiscan.py | 11 +-
volatility/plugins/netscan.py | 52 +-
volatility/plugins/objtypescan.py | 30 +-
volatility/plugins/overlays/basic.py | 13 +-
volatility/plugins/overlays/linux/elf.py | 3 +-
volatility/plugins/overlays/linux/linux.py | 313 +-
volatility/plugins/overlays/mac/mac.py | 619 +-
volatility/plugins/overlays/mac/macho.py | 11 +-
volatility/plugins/overlays/windows/pe_vtypes.py | 2 +-
volatility/plugins/overlays/windows/vad_vtypes.py | 11 +-
.../overlays/windows/vista_sp0_x64_syscalls.py | 2352 +++---
.../overlays/windows/vista_sp12_x64_syscalls.py | 2338 +++---
.../overlays/windows/vista_sp12_x86_syscalls.py | 2334 +++---
volatility/plugins/overlays/windows/win10.py | 345 +
...{win8_sp1_x64_vtypes.py => win10_x64_vtypes.py} | 7714 ++++++++++++--------
...{win8_sp1_x86_vtypes.py => win10_x86_vtypes.py} | 6774 +++++++++++------
volatility/plugins/overlays/windows/win2003.py | 1 +
.../overlays/windows/win2003_sp0_x86_syscalls.py | 1924 ++---
.../overlays/windows/win2003_sp12_x64_syscalls.py | 1934 ++---
.../overlays/windows/win2003_sp12_x86_syscalls.py | 1930 ++---
volatility/plugins/overlays/windows/win7.py | 5 +-
.../overlays/windows/win7_sp01_x64_syscalls.py | 2464 +++----
volatility/plugins/overlays/windows/win8.py | 20 +-
...n8_sp1_x64_vtypes.py => win81_u1_x64_vtypes.py} | 1284 ++--
...n8_sp1_x86_vtypes.py => win81_u1_x86_vtypes.py} | 1210 +--
volatility/plugins/overlays/windows/win8_kdbg.py | 9 +-
.../overlays/windows/win8_sp0_x64_syscalls.py | 2838 +++----
.../overlays/windows/win8_sp0_x86_syscalls.py | 2834 +++----
.../overlays/windows/win8_sp1_x64_syscalls.py | 2950 ++++----
.../overlays/windows/win8_sp1_x86_syscalls.py | 2946 ++++----
volatility/plugins/overlays/windows/windows.py | 17 +-
volatility/plugins/pooltracker.py | 34 +-
volatility/plugins/privileges.py | 124 +-
volatility/plugins/procdump.py | 55 +-
volatility/plugins/pstree.py | 63 +-
volatility/plugins/raw2dmp.py | 5 +-
volatility/plugins/registry/amcache.py | 181 +
volatility/plugins/registry/auditpol.py | 34 +-
volatility/plugins/registry/hivelist.py | 25 +-
volatility/plugins/registry/hivescan.py | 10 +
volatility/plugins/registry/lsadump.py | 31 +
volatility/plugins/registry/printkey.py | 103 +-
volatility/plugins/registry/shellbags.py | 59 +-
volatility/plugins/registry/shimcache.py | 32 +-
volatility/plugins/registry/shutdown.py | 108 +
volatility/plugins/registry/userassist.py | 86 +-
volatility/plugins/sockets.py | 31 +
volatility/plugins/sockscan.py | 29 +-
volatility/plugins/ssdt.py | 103 +-
volatility/plugins/strings.py | 45 +-
volatility/plugins/taskmods.py | 172 +-
volatility/plugins/tcaudit.py | 2 +-
volatility/plugins/timeliner.py | 203 +-
volatility/plugins/vadinfo.py | 106 +-
volatility/plugins/vboxinfo.py | 44 +-
volatility/plugins/verinfo.py | 38 +
volatility/plugins/win10cookie.py | 51 +
volatility/poolscan.py | 19 +-
volatility/renderers/__init__.py | 284 +
volatility/renderers/basic.py | 34 +
volatility/renderers/dot.py | 37 +
volatility/renderers/html.py | 51 +
volatility/renderers/sqlite.py | 74 +
volatility/renderers/text.py | 202 +
volatility/renderers/xlsx.py | 48 +
volatility/timefmt.py | 2 +-
volatility/validity.py | 39 +
volatility/win32/hive.py | 2 +
volatility/win32/tasks.py | 10 +
256 files changed, 36286 insertions(+), 21909 deletions(-)
copy contrib/{plugins/aspaces => }/__init__.py (100%)
create mode 100644 contrib/library_example/libapi.py
create mode 100644 contrib/library_example/pslist_json.py
copy contrib/plugins/{aspaces => }/__init__.py (100%)
copy contrib/plugins/{aspaces => malware}/__init__.py (100%)
delete mode 100644 debian/clean
delete mode 100644 debian/gbp.conf
delete mode 100644 debian/source/options
create mode 100755 pyinstaller/hook-openpyxl.py
create mode 100644 pyinstaller/hook-yara.py
create mode 100644 tools/linux/Makefile.enterprise
create mode 100644 tools/mac/generate_profile_list.py
create mode 100644 tools/windows/parsesummary.py
create mode 100644 volatility/plugins/gui/editbox.py
copy volatility/plugins/linux/{libc_env.py => ld_env.py} (79%)
rename volatility/plugins/linux/{netfiler.py => netfilter.py} (84%)
create mode 100644 volatility/plugins/linux/netscan.py
create mode 100644 volatility/plugins/mac/WKdm.py
create mode 100644 volatility/plugins/mac/compressed_swap.py
create mode 100644 volatility/plugins/mac/get_profile.py
create mode 100644 volatility/plugins/mac/list_kauth_listeners.py
create mode 100644 volatility/plugins/mac/list_kauth_scopes.py
create mode 100644 volatility/plugins/mac/list_raw.py
create mode 100644 volatility/plugins/mac/orphan_threads.py
copy volatility/plugins/mac/{psaux.py => psenv.py} (65%)
create mode 100644 volatility/plugins/mac/threads.py
create mode 100644 volatility/plugins/mac/threads_simple.py
create mode 100644 volatility/plugins/malware/servicediff.py
create mode 100644 volatility/plugins/overlays/windows/win10.py
copy volatility/plugins/overlays/windows/{win8_sp1_x64_vtypes.py => win10_x64_vtypes.py} (69%)
copy volatility/plugins/overlays/windows/{win8_sp1_x86_vtypes.py => win10_x86_vtypes.py} (70%)
copy volatility/plugins/overlays/windows/{win8_sp1_x64_vtypes.py => win81_u1_x64_vtypes.py} (95%)
copy volatility/plugins/overlays/windows/{win8_sp1_x86_vtypes.py => win81_u1_x86_vtypes.py} (95%)
create mode 100644 volatility/plugins/registry/amcache.py
create mode 100644 volatility/plugins/registry/shutdown.py
create mode 100644 volatility/plugins/win10cookie.py
create mode 100644 volatility/renderers/__init__.py
create mode 100644 volatility/renderers/basic.py
create mode 100644 volatility/renderers/dot.py
create mode 100644 volatility/renderers/html.py
create mode 100644 volatility/renderers/sqlite.py
create mode 100644 volatility/renderers/text.py
create mode 100644 volatility/renderers/xlsx.py
create mode 100644 volatility/validity.py
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/volatility.git