Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add MemProcFS #776

Merged
merged 2 commits into from
Jan 10, 2024
Merged

Add MemProcFS #776

merged 2 commits into from
Jan 10, 2024

Conversation

naacbin
Copy link
Collaborator

@naacbin naacbin commented Dec 7, 2023

Add of MemProcFS, a tool to analyze memory images. Also, add a required dependency, dokan, a driver for virtual file system.

Code MemProcFS : https://github.com/ufrisk/MemProcFS
Code Dokan : https://github.com/dokan-dev/dokany

Ana06
Ana06 reviewed Dec 8, 2023
View reviewed changes
Copy link
Member

@Ana06 Ana06 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please squash your commits (avoid fix linter commits in order to maintain a clean commit history). Apart from that LGTM. Thanks for the PR @naacbin!

@Ana06 Ana06 added the 🌀 COMMANDO-VM A package or future to be used by COMMANDO VM label Dec 8, 2023
@Ana06 Ana06 requested a review from a team December 8, 2023 11:01
@Ana06 Ana06 added the 🆕 package New package request/idea/PR label Dec 12, 2023
Ana06
Ana06 requested changes Dec 22, 2023
View reviewed changes
Copy link
Member

@Ana06 Ana06 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tools seem to install & run correctly. Just one minor thing to address regarding the linter.

packages/dokan.vm/tools/chocolateyinstall.ps1 Outdated Show resolved Hide resolved
Ana06 and others added 2 commits December 22, 2023 17:46
@Ana06 @naacbin
flarevm.installer.vm: Delete
f480f7e 
`flarevm.installer.vm` is not used anymore as FLARE-VM now uses
`installer.vm` which is shared with Commando VM.
@naacbin
Add MemProcFS
e2f8299
@naacbin
Copy link
Collaborator Author

naacbin commented Jan 8, 2024

Is there anything left to do on this PR ?

@Ana06 Ana06 merged commit f1ab151 into mandiant:main Jan 10, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@day1player day1player day1player approved these changes

@Ana06 Ana06 Ana06 approved these changes

Assignees
No one assigned
Labels
🌀 COMMANDO-VM A package or future to be used by COMMANDO VM 🆕 package New package request/idea/PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@naacbin @Ana06 @day1player