minidump
minidump copied to clipboard
skelsec
Python library to parse and read Microsoft minidump file format
I want the complete callstack with frames as well when I want to parse the minidump ? Is this possible ?
``` ~/dumps$ python3 -m minidump --all ./7.12.7_Windows_POC_Stack.dmp # minidump 0.0.23 # Author: Tamas Jos @skelsec ([email protected]) Traceback (most recent call last): File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File...
With this pull request, windbg will be able to open the dump and parse it. Obviously, some windbg features will not work (stack trace wont work because thread context is...
> minidump.py --all > minidump.py -i ~~mindidump~~ minidump
I tried using your code (in the master branch, and in the writer branch also). Seems like the logic for writing minidump files doesn't work as expected. Loading the resulting...
When minidump parses a module list it takes the number of modules directly from the input file: ```py mml.NumberOfModules = int.from_bytes(buff.read(4), byteorder = 'little', signed = False) ``` And afterwards...
Good day. Please tell me how can I create a minidump with your library from scratch? The live case: I need to create a dump of some virtual memory of...
I'm trying to get the breakpad data out of a minidump generated by it, but as currently written UserStreams that aren't recognized by the directory parser get logged and discarded....
On Linux, with minidumps created from Google Breakpad, I'm getting "PEB parsing error!" with a callstack every time I parse a minidump. Is this expected? Isn't PEB Windows only? The...
Trying to run a command of either `❯ minidump --all UE4Minidump.dmp` or `❯ minidump -i UE4Minidump.dmp` and it gives me the same errror ``` # minidump 0.0.24 # Author: Tamas...
