Alexander J
Alexander J
Used your decodes quite a bit and realized it would be handy to not only have the filename, but the md5sum of the decoded sample in the resulting file (in...
demo.py
to show how to interact with the API as a python script (might be silly but I found it useful)
``` python readmacho.py ../viper_2/viper/flashback.bin Traceback (most recent call last): File "readmacho.py", line 59, in main() File "readmacho.py", line 34, in main m = MachO(args.filename) File "/Volumes/data/Users/user/scripts/Mach-O/pymacho/MachO.py", line 54, in __init__...
Hi, do you mind to add pymacho to pypi? https://pypi.python.org/pypi
hope it is useful
Currently the import client and the backend check for ```.plaso``` in the filename to verify it is a plaso file. This is not perfect from user perspective as well as...
Migrate the Sigma rules into the Database to be able to improve various aspects - [x] Database model - [x] Database model tests - [ ] Remove Sigma rule folder...
First iteration would be to check if the four columns `message,datetime,timestamp,timestamp_desc`are missing. If one of them is missing, give an error message.
A lot more scenario based stuff to be discussed with jbn - system_information - wlan_history - persistence
When facing a famous error 500, all a user has is the Sketch_id. Yet most of our logging is based on the index_id which is different, so returning the searchindex...