jpcertcc / aa-tools Goto Github PK

Your tool is referenced in CRITs services, but cannot be installed via PIP:

pip2.7 install git+https://github.com/JPCERTCC/aa-tools.git

Collecting git+https://github.com/JPCERTCC/aa-tools.git
Cloning https://github.com/JPCERTCC/aa-tools.git to ./pip-R87bsF-build
Unpacking objects: 100% (78/78), done.
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "", line 1, in
IOError: [Errno 2] No such file or directory: '/tmp/pip-R87bsF-build/setup.py'

Requesting Volatility3 Support for plugins.

Hi,

I am trying to port this into Java, would you have a set of "official" outputs I can use to validate the port?

This is really cool! I just had a question...

Does this plugin work with 2.6.1 and Windows 10? I'm working with the new version from here -
https://github.com/fireeye/win10_volatility
but getting errors
Name PID Data VA

No suitable address space mapping found
Tried to open image as:
MachOAddressSpace: mac: need base
LimeAddressSpace: lime: need base
WindowsHiberFileSpace32: No base Address Space
WindowsCrashDumpSpace64BitMap: No base Address Space
HPAKAddressSpace: No base Address Space
VMWareAddressSpace: No base Address Space
QemuCoreDumpElf: No base Address Space
WindowsCrashDumpSpace32: No base Address Space
WindowsCrashDumpSpace64: No base Address Space
VMWareMetaAddressSpace: No base Address Space
VirtualBoxCoreDumpElf64: No base Address Space
Win10CompressedAMD64PagedMemory: No base Address Space
Win10CompressedIA32PagedMemoryPae: No base Address Space
SkipDuplicatesAMD64PagedMemory: No base Address Space
WindowsAMD64PagedMemory: No base Address Space
LinuxAMD64PagedMemory: No base Address Space
Win10CompressedIA32PagedMemory: No base Address Space
AMD64PagedMemory: No base Address Space
IA32PagedMemoryPae: No base Address Space

Hello I put a bit of love in this and now it also can be used as library, it now only one script, not 2, and in header of file you can see how to use it as library
https://github.com/doomedraven/aa-tools/tree/master/citadel_decryptor/atmos.py

• already integrated here http://cybercrime-tracker.net/ccamdetail.php?hash=8abde153e37596ca8dfc8bc723738daa32f483ef

i can make PR if you will like to merge it

Team,

I'm getting an error with both apt17scan and hikitconfig with both 2.4 and 2.5 versions of Volatility. Please let me know if I can provide more detail/testing.

Full error:

Traceback (most recent call last):
File "/vol-2.5_clean/vol.py", line 192, in
main()
File "/vol-2.5_clean/vol.py", line 183, in main
command.execute()
File "/vol-2.5_clean/volatility/commands.py", line 145, in execute
func(outfd, data)
File "/vol-2.5_clean/volatility/plugins/apt17scan.py", line 156, in render_text
for task, start, malname in data:
ValueError: too many values to unpack

Hello,

I'd like to be able to install pyimpfuzzy via pip.
Obvious option would be to put the package on pypi.python.org or move the folder one level down so one can use perhaps:

pip install -e git+https://github.com/JPCERTCC/aa-tools.git#egg=pyimpfuzzy

Thanks in advance