Results 224 comments of Tamas K Lengyel

I'm pretty sure that's because you have the "no" rule set for your frontend on your running screenshot.

I would suggest you use the latest release and not the latest master branch. It has been a long time since I worked on this and I don't know how...

@Yuvraj-Takey Feel free to open a PR with the fixes

With the latest version you don't have to set the iptables rules to queue the packets. The latest version reads the packets straight from the interface using pcap so that...

If you don't need those features of honeybrid you should be just using the latest release which still uses the iptables queues: https://github.com/tklengyel/honeybrid/releases/tag/0.1.6

Solution deduplication would be nice to have, right now I'm seeing multiple solutions that have the same stacktrace/root-cause. Running all solutions currently present and keeping only the unique ones.

In the interim I would suggest just using the `vmifs` tool that's part of LibVMI and then running Volatility on that file as if it was a memory dump. I...

It's really straightforward. Compile it and it will tell you how to use it. It creates a file that represents the target VM's memory. You run Volatility on that...

Drakvuf is open-source and you are welcome to review the code to better understand it. There is also the publication describing it in detail. Or you may also find this...

I agree, dropping python2 at this point is appropriate.