Paweł Srokosz
Right now Python package name will stay "drakrun" tho...
**Your checklist for this pull request**
- [x] I've read the [contributing guideline](CONTRIBUTING.md).
- [x] I've tested my changes by building and running the project, and testing changed functionality (if...
Before starting an analysis, we need to perform a few preparation actions on the guest OS that is recovered from a snapshot. One of the missing things is time synchronization and it's...
Yeah, I know that adding an agent to the agentless sandbox is a funny plot-twist, but Drakvuf Sandbox needs to make a series of operations on the guest before analysis has even started....
Small todolist of improvements because I'm too lazy to make separate tickets for:
- [ ] `modify-vm0 begin` Check if there is only vm-0 running before beginning modify-vm0: it...
Injector is heavily used by Drakvuf Sandbox for multiple guest operations like reading/writing files on guest VM, running preparation commands and finally running malware. Right now it's a game of...
A very common problem is a too-low shadow memory limit that results in a random crash of the Xen VM (output from `xl dmesg`):
```
(XEN) d99v0 failed to set entry for 12119...
```
Hi and thanks for the great library! I found that when I try to parse PDB for `combase.dll` with GUID `6c146f310d333559974d1d5d3fa2e4da1`, it fails to decode some strings contained in DBI...
```suggestion
config: DrakrunConfig = load_config()
```
This configuration object should be passed by the caller instead of being loaded by the postprocessor itself, but currently PostprocessFunction doesn't offer such an interface. To...