@@ -21,7 +21,7 @@ The command to inject it is prepared by the script, and can be made to auto-exec
...
@@ -21,7 +21,7 @@ The command to inject it is prepared by the script, and can be made to auto-exec
This script allows automated injection of LiME module in the kernel, saving the output file with a timestamped file name, and removes the module from the kernel to allow for repeated executions
This script allows automated injection of LiME module in the kernel, saving the output file with a timestamped file name, and removes the module from the kernel to allow for repeated executions
--**profiler.sh**
--**profiler.sh**
Script to download the corresponding kernel symbols in order to create a valid Volatility profile. Due to the way that Linux kernels are built this is a mandatory step in Linux Memory analysis with this specific tool - for more information regarding kernel symbols and documentation refer to the Volatility3 GitHub page [here](https://github.com/volatilityfoundation/volatility3).
Script to download the corresponding kernel symbols in order to create a valid Volatility profile. Due to the way that Linux kernels are built this is a mandatory step in Linux Memory analysis with this specific tool - for more information regarding kernel symbols and documentation refer to the Volatility3 GitHub page [here](https://github.com/volatilityfoundation/volatility3). (Adapted from [here](https://cpuu.hashnode.dev/how-to-perform-memory-forensic-analysis-in-linux-using-volatility-3))
--**rust_builder.sh** and **DumpIt_installer.sh**
--**rust_builder.sh** and **DumpIt_installer.sh**
Originally the choice for memory extraction on Linux systems due to unexpected errors in using LiME (now fixed). 'DumpIt for Linux' is built on Rust, hence the builder script to download and install it, before the 'DumpIt_installer.sh' was run. *Note that this is no longer the case and these two scripts are no longer needed or used, but do remain here for reference.*
Originally the choice for memory extraction on Linux systems due to unexpected errors in using LiME (now fixed). 'DumpIt for Linux' is built on Rust, hence the builder script to download and install it, before the 'DumpIt_installer.sh' was run. *Note that this is no longer the case and these two scripts are no longer needed or used, but do remain here for reference.*
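Review bot: The attribution added at the end of the profiler.sh description uses "here" as its link text, which is now the second "[here]" link in the same paragraph, so a reader cannot tell the Volatility3 repository from the adapted tutorial without hovering over each one. Name the source in the link text, for example "Adapted from the cpuu.hashnode.dev guide on Linux memory forensics with Volatility 3", and consider repeating the credit in a comment at the top of profiler.sh so it travels with the script. While this line is being touched: it says "Volatility profile" but links to Volatility3, whose documentation calls these symbol tables; aligning the wording would avoid confusion with Volatility 2 profiles.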
...
@@ -29,4 +29,4 @@ Originally the choice for memory extraction on Linux systems due to unexpected e
...
@@ -29,4 +29,4 @@ Originally the choice for memory extraction on Linux systems due to unexpected e
--**Snapshots.xlsx**
--**Snapshots.xlsx**
Simply an excel spreadsheet for me to keep track of the experiment's progress.
Simply an excel spreadsheet for me to keep track of the experiment's progress.
***Note: All scripts and paths contained therein assume execution from a user's home directory with sudo priviledges. Paths and results may differ if directories and execution priviledges change.***
***Note: All scripts and paths contained therein assume execution from a user's home directory with sudo priviledges. Paths and results may differ if directories and execution priviledges change.***
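Review bot: The closing Note line still spells "priviledges" twice ("sudo priviledges", "execution priviledges"), and its visible text is identical on both sides of this hunk, so the change here looks like whitespace or end-of-file only. Since the line is already being modified, correct both to "privileges" in the same commit. The same pass could capitalise "excel" as "Excel" in the Snapshots.xlsx description.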