Closed yassine955 closed 5 months ago
Hello!
That's a whole new set of tools for analysis. You'll likely need to do some reverse engineering. Tools like Ghidra etc. can help. It depends on your goals really.
Strings isn't going to hurt and can certainly point you in the right direction.
Good luck!
What if I have the process, which is a Signal application? How can I find messages? I read that the best option is proc.maps
You might get better support by asking on our slack channels? What you've posted isn't really an issue or a feature request...
@ikelos I asked the question on the Slack Channel
I have dumped a process, like this
python3 volatility3/vol.py -vvvvvvv -r pretty -f $path/avml_dump.lime -o pid_${digit}_dump/ linux.elfs --pid $digit --dump
I now receive a bunch of files of that specific process, for example:
pid.9241.crime.securesms.0x778a81943000.dmp
How can I now analyse these files further, to look for my traces? Should I really analyse each file separately with
strings <file>
??
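Rather than running strings on each dumped region by hand, the whole output directory can be searched in one pass. The script below is an added example, not part of the original thread or of Volatility; it assumes text may sit in memory either as ASCII or as UTF-16LE (what `strings -e l` looks for), and the minimum length, keywords and sample file name are made up for illustration.

```python
import re
import sys
import tempfile
from pathlib import Path

MIN_LEN = 6  # assumption: shortest run worth reporting, like `strings -n 6`

# Runs of printable ASCII, and the same characters stored as UTF-16LE.
ASCII_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

def extract_strings(data):
    """Yield (offset, encoding, text) for every printable run in data."""
    for m in ASCII_RE.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in UTF16_RE.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16-le")

def search_dumps(dump_dir, keywords):
    """Scan every *.dmp file in dump_dir and return the strings that
    contain any keyword (case-insensitive), with file name and offset."""
    wanted = [k.lower() for k in keywords]
    hits = []
    for path in sorted(Path(dump_dir).glob("*.dmp")):
        data = path.read_bytes()  # each file is one dumped memory region
        for offset, enc, text in extract_strings(data):
            if any(k in text.lower() for k in wanted):
                hits.append((path.name, offset, enc, text))
    return hits

def main(argv):
    if len(argv) > 2:  # real use: <dump_dir> <keyword> [keyword ...]
        return search_dumps(argv[1], argv[2:])
    # No arguments: run on a constructed sample so the script is self-checking.
    with tempfile.TemporaryDirectory() as d:
        sample = b"\x00\x01hello from ascii\x00\xff" + "hello from utf16".encode("utf-16-le")
        Path(d, "pid.1.sample.0x1000.dmp").write_bytes(sample)
        return search_dumps(d, ["hello"])

if __name__ == "__main__":
    for name, off, enc, text in main(sys.argv):
        print(f"{name}\t0x{off:x}\t{enc}\t{text}")
```

The offset printed for each hit is relative to the start of that region file, so adding it to the address in the file name gives the virtual address of the string in the process.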