Mxtract - Retention Extractor & Analyzer

An opensource linux based tool that analyses as well as dumps memory. Its developed every bit an offensive pentration testing tool which tin displace live on used to scan retention for mortal keys, ips, as well as passwords using regexes. Remember your results are alone every bit practiced every bit your regexes.

Screenshots

Scan amongst verbose as well as amongst a elementary IP regex, scanning every information segment.

Scan amongst verbose as well as amongst a elementary IP regex, scanning alone heap as well as stack.

Scan without verbose, as well as amongst a elementary IP regex.

Why dump straight from memory?
In well-nigh linux environments users tin displace access the retention of processes, this allows attackers to harvest credentials, mortal keys, or anything that isnt suppose to live on seen but is beingness processed yesteryear a plan inwards clear text.

Features
  • Ability to come inwards regex lists
  • Clear as well as Readable Display
  • Ability to Mass Scan Every Proccess or a Specfic PID
  • Able to direct retention sections to scan
  • Memory dumps automatically removes unicode characters which allows for processing amongst other tools or manually

Getting started

Compiling: g++ -std=c++11 -O2 src/main.cpp -o mxtract

Commands
        -v      Enable Verbose Output         -s      Suppress Banner         -h      Help         -c      suppress colored output         -r=     Regex DB         -a      Scan all retention ranges non simply heap/stack         -w      Write raw retention to file Default directory is pid/         -o      Write regex output to file         -d=     Custom Ouput Directory         -p=     Specify unmarried pid to scan         Either -r= or -w needed