VolatilityPlugins
My volatility Plugins
Install / Use
/learn @jeffbryner/VolatilityPluginsREADME
volatilityPlugins
My volatility Plugins.
twitter.py
Extracts twitter html and json data from a memory image.
sample session:
<pre> vol.py -f bryner/memimages/win7chromefbtwitter --profile=Win7SP1x64 twitter Volatile Systems Volatility Framework 2.3_alpha searching for browser processes... found browser pid: 2780, chrome.exe examining 86639978 bytes twitter cookie found for userid:61387084 found browser pid: 2288, chrome.exe examining 89884416 bytes profile: @p0wnlabs, 3,536 Tweets 933 Following 1,171 Followers 8:39 PM - 25 Jul 13 (21s) @kateesackhoff Katee Sackhoff Explain this...! I have 3 dogs, 1 is 7months old, I've never been allergic to a dog in my whole (cont) http://tl.gd/mbn8j5 facebook.py Extracts facebook html and json data from a memory image vol.py -f bryner/memimages/win7chromefbtwitter --profile=Win7SP1x64 facebook Volatile Systems Volatility Framework 2.3_alpha searching for browser processes... found browser pid: 2496, chrome.exe examining 86980777 bytes found browser pid: 2576, chrome.exe examining 74650769 bytes found browser pid: 1364, chrome.exe examining 97578571 bytes Likely facebook user json structure: {"id":"1421688057","name":"Jeff Bryner","firstName":"Jeff","vanity":"jeff.a.bryner","thumbSrc":"https://profile-a-pao.xx.fbcdn.net/hprofile-prn1/s32x32/50109_1421688057_6617527_q.jpg","uri":"https://www.facebook.com/jeff.a.bryner","gender":2,"type":"user","is_friend":false,"social_snippets":null} Date: Thursday, July 25, 2013 at 8:01pm about an hour ago in Las Vegas, NV url: https://www.facebook.com/LanceJames/posts/10201006553878572 Author: Lance James https://www.facebook.com/LanceJames?hc_location=stream Text: with Jaleesa Stringfellow at McCarran International Airport - Las Vegas, NV. img: https://profile-b-pao.xx.fbcdn.net/hprofile-prn2/1076381_1608857704_1305884837_q.jpg Text: Landed etc... </pre>Both plugins also accept a -p PID argument if you want to specify a specific browser process ID instead of having it search any browser process it finds.
Video of twitter recovery at:
http://youtu.be/K_gBpdK936o
Related Skills
node-connect
341.2kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
84.5kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
341.2kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
84.5kCommit, push, and open a PR
