Skip to content
/ hook-virtual Public

Drive Badger extension: recursively exfiltrate VMware and Hyper-V virtual machines along with virtualization server

drivebadger.com/

License

MIT license
2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

drivebadger/hook-virtual

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
helpers
helpers
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
exclude.list
exclude.list
 
 
exclude.sh
exclude.sh
 
 
handle-image.sh
handle-image.sh
 
 
hook.sh
hook.sh
 
 

Repository files navigation

This is an extension for Drive Badger. It provides a so called hook script, that:

  • scans given filesystem for virtual drive image files (*.vmdk for VMware, *.vhd and *.vhdx for Hyper-V)
  • mounts and exfiltrates found files (instead of just copying the whole images to the storage drive)

Installing

Clone this repository as /opt/drivebadger/hooks/hook-virtual directory on your Drive Badger persistent partition.

When you install this hook, you should also install exclude-virtual configuration repository - it excludes additional files: ISO images and Hyper-V virtual machine state files.

Also, you should read notes about fine tuning this hook.

More information

About

Drive Badger extension: recursively exfiltrate VMware and Hyper-V virtual machines along with virtualization server

drivebadger.com/

Topics

vmware vmware-esxi vmdk vmware-vsphere

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages