horsicq
commented
1 year ago I will think about it. Thanks you for the idea.
Open davclark opened 1 year ago
horsicq
commented
1 year ago I will think about it. Thanks you for the idea.
DosX-dev
commented
5 months ago Hello! You can create a process dump and scan it with DIE extractor to retrieve all files from memory for analysis
davclark
commented
5 months ago Thanks @DosX-dev! However, this is not addressing the request. I'm trying to avoid the need to write to a filesystem. I am currently writing to a filesystem just fine. So, I have a working solution, just not optimal in terms of performance. A solution that would be a tad more performant would be tmpfs, but this still creates a copy of the data in memory, which is also not optimal.
DosX-dev
commented
5 months ago Now I understand your problem. This will be possible with the release of the release version of DIE SDK (Library). You can scan files programmatically by transferring them entirely in memory. But this functionality is not yet available
I am calling diec from a python script and already have a sample in memory. Is it possible to send the file to die via stdin, or potentially expose a foreign function interface? Currently, I need to write the file to disk, which is relatively slow.