Skip to content
This repository has been archived by the owner on Mar 13, 2023. It is now read-only.

Latest commit

 

History

History
30 lines (17 loc) · 1.06 KB

README.md

File metadata and controls

30 lines (17 loc) · 1.06 KB
Raw

MatchMeta.Info

Amazon Web Services (AWS) regularly releases new Amazon Machine Images (AMI) for Amazon Linux, requiring the generation of digital artifacts necessary for cybersecurity investigations.

Amazon-owned AMI names that start with amazon/amzn or amazon/al2022 and may end with -gp2 will be launched into a temporary VPC in Oregon (US-WEST-2) region to automatically collect the System.map file and run the getmeta collection script for x86_64 and arm64 architecture.

https://github.com/4n6ir/getmeta

This enrichment option allows the analyst to take traditional hashing a step further by knowing which directories, files, and paths are standard for specific releases of the Amazon Linux distribution.

import requests

key = ''
url = 'https://sha256.lukach.io' # https://md5.lukach.io

headers = {'x-api-key': key}

r = requests.get(url, headers = headers)

output = r.json()

d = requests.get(output['link'])

if d.status_code == 200:
   with open(output['filename'], 'wb') as f:
     f.write(d.content)