forensics

Environment

Sat Dec 11 06:20:24 AM UTC 2021
rasm2 5.5.2 27280 @ linux-x86-64 git.5.5.2
commit: e65e385e5308293c23611e16e531df8c52a9ff18 build: 2021-12-11__06:31:42
Linux x86_64

Description

The opcodes jecxz and jrcxz cannot assemble.

Test

$ rasm2 -a x86 -b 64 'jecxz 0x1'
Cannot assemble 'jecxz 0x1' at line 3
invalid
$ rasm2 -a x86 -b 64 'jrcxz 0x1

https://github.com/google/timesketch/blob/fce0f54e20d9385b264f2401079dbeb5ad773a38/timesketch/frontend/src/components/Common/UploadForm.vue#L124

Uploading a foobar.txt file that has CSV content would still get uploaded and errored out on the backend side, even if the Client JS should error out already.

Request Method: POST
Status Code: 500 

We're trying to process a series of .pcap files captured over time and hoped we could use tcpflow for both extracting the payloads and keeping track of the sessions' states at the same time using the written DFXML.

From the man page I understood that using -R on the next file (n) should complete TCP flows. Unfortunately it is not really clear what this exactly means and if this should have ef

The project works with 8 modules < reference source/Module >

• Creating issue to accelerate/track test frame building of each module
• The test folder has a very basic example to start with.
• Feel free to make a pull request for the test cases

Right now a lot of the logging from the tasks does not get propagated back to the user, so we should make sure that all of the tasks are adding logs and errors to the results so that at minimum the data gets put into the worker-log.txt. Ideally we would store this info in datastore so that the clients could query it later (this part is in #115).

If somebody has time, it would nice to have an https://intelx.io module for your project.
We have a SDK here with some code samples (including Go code): https://github.com/IntelligenceX/SDK