oswatcher
A framework to track the evolution of Operating Systems over time
OSWatcher log file is in this [Gist](https://gist.github.com/Wenzel/20fa59a05187627987b2866bd4107c25). Important part:
~~~
2020-04-04 19:07:17,038 DEBUG:volatility.framework.automagic.pdbscan:Using symbol library: ntkrpamp.pdb/C40DD53A8D3D4AE3A24CE6BE866649C9-1
2020-04-04 19:07:17,068 INFO:volatility.schemas:Dependency for validation unavailable: jsonschema
2020-04-04 19:07:17,068 DEBUG:volatility.schemas:All validations will report success,...
~~~
py2neo 4.3.0 isn't compatible with the latest Neo4j DB. When using Neo4j 4.1, it throws `InvalidTransaction` errors:
~~~
2020-05-08 04:08:16,398 ERROR:hooks.filesystem.Neo4jFilesystemHook:Invalid transaction
Traceback (most recent call last):
  File "/home/wenzel/Projets/oswatcher/venv/lib/python3.7/site-packages/see/observer.py", line...
~~~
This PR adds a new CI workflow, which is a copy of the existing security hook, except that it will run on a Linux image (Ubuntu 6.06 server) cc @milenkowski
Use our own implementation of checksec for ELF security analysis. This has the advantage of using the guest libc to check for fortify functions, instead of the host one. However,...
With #101 's PR, we use LIEF to analyze MS-DOS executables. Some of them return `None` after the LIEF parsing. @milenkowski here is the archive containing all the failed executables:...
The libguestfs API allows you to call the `file` command from the appliance to identify a file type. However, it is not possible to specify the parameters. We would like to...
After #95 I was looking if it was possible to replace `checksec.sh`, considering that we are integrating `lief` as a dependency anyway. Also with #94, the output is not reliable....
Checksec's JSON should contain a key which is the filepath: `~/Projets/oswatcher/tools/checksec/checksec --output=json --file=/usr/bin/xz | jq .`
~~~JSON
{
  "/usr/bin/xz": {
    "relro": "full",
    "canary": "yes",
    "nx": "yes",
    "pie": "yes",
    "rpath": "no",...
~~~
When committing a file with an apostrophe `’` as part of the filename, `git ls-files` will return it as an escaped character: This breaks our...
It will be nice to pull kernel config options statically as performed by the [kernel-config-checker plugin](https://github.com/clearlinux/kernel-config-checker) as well as to try and verify several settings dynamically. This is useful as...