python-haystack memory forensics

Quick Start:

You might want to look into the base libary python-haystack.

Run haystack-gui

python-haystack is an heap analysis framework, focused on searching and reversing of C structure in allocated memory.

this is an attempt at a GUI.

This is not working right now

Dump the process, then you can open it in the GUI::

$ haystack-gui # ( and Ctrl-O , click click)
$ haystack-gui --dumpname dumps/myssh.dump

You can the search a structure from the heap of that memory mapping.

You have to import your extensions before that to have them listed in the search dialog.

Name		Name	Last commit message	Last commit date
Latest commit History 1,780 Commits
docs		docs
haystack		haystack
test		test
.gitattributes		.gitattributes
.gitignore		.gitignore
.travis.yml		.travis.yml
CHANGES.txt		CHANGES.txt
CodingStyle.txt		CodingStyle.txt
LICENSE.txt		LICENSE.txt
MANIFEST.in		MANIFEST.in
README		README
README.md		README.md
TODO		TODO
requirements.txt		requirements.txt
setup.cfg		setup.cfg
setup.py		setup.py