mXtract V1.2 - Memory Extractor & Analyzer

mXtract is an open-source, Linux-based tool that analyzes and dumps memory. It is developed as an offensive penetration testing tool; its primary use is to scan memory for private keys, IPs, and passwords using regexes. Remember, your results are only as good as your regexes.

Screenshots


Scan with verbose and with a simple IP regex, scanning every data segment, displaying process info and scanning environment files.


Scan with verbose and with a simple IP regex, scanning only heap and stack, displaying process info and scanning environment files.


Scan without verbose, and with a simple IP regex, displaying process info and scanning environment files.

Why dump straight from memory?
In most Linux environments users can access the memory of processes. This allows attackers to harvest credentials, private keys, or anything else that isn't supposed to be seen but is being processed by a program in clear text.
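
Whether a given process is exposed this way depends on the kernel's ptrace access checks. The following is an added example (not part of mXtract or its README) that models, in simplified form, who can open /proc/<pid>/mem and /proc/<pid>/environ under each kernel.yama.ptrace_scope value. The Reader/Target classes and the sample processes are constructed for illustration; group IDs, user namespaces and other LSMs (SELinux, AppArmor) are ignored.

```python
from dataclasses import dataclass

@dataclass
class Reader:
    uid: int
    cap_sys_ptrace: bool = False    # typically root

@dataclass
class Target:
    name: str
    uid: int
    dumpable: bool = True           # False after prctl(PR_SET_DUMPABLE, 0) or a setuid exec
    child_of_reader: bool = False   # target is a descendant of the reading process

def classic_ok(r, t):
    """Classic ptrace rule: matching UID and a dumpable target, or CAP_SYS_PTRACE."""
    return r.cap_sys_ptrace or (r.uid == t.uid and t.dumpable)

def yama_ok(r, t, scope):
    """Yama's additional rule; it is applied to ATTACH-mode checks only."""
    if scope == 0:
        return True
    if scope == 1:
        return t.child_of_reader or r.cap_sys_ptrace
    if scope == 2:
        return r.cap_sys_ptrace
    return False                    # scope 3: attach disabled for everyone

def exposure(r, t, scope):
    base = classic_ok(r, t)
    return {"mem": base and yama_ok(r, t, scope),  # /proc/<pid>/mem uses an ATTACH-mode check
            "environ": base}                       # /proc/<pid>/environ uses a READ-mode check

def audit(r, targets, scope):
    return {t.name: exposure(r, t, scope) for t in targets}

# Constructed sample processes (hypothetical names)
USER = Reader(uid=1000)
ROOT = Reader(uid=0, cap_sys_ptrace=True)
TARGETS = [Target("key-agent", 1000, dumpable=False),
           Target("web-app", 1000),
           Target("root-daemon", 0)]

if __name__ == "__main__":
    for scope in range(4):
        print("ptrace_scope =", scope, audit(USER, TARGETS, scope))
```

In this model, raising ptrace_scope closes off same-user memory reads but leaves environment files readable, so secrets passed through environment variables stay exposed to the same user unless the process is also non-dumpable.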

Features
  • Ability to enter regex lists
  • Clear and Readable Display
  • Ability to Mass Scan Every Process or a Specific PID
  • Able to choose memory sections to scan
  • Ability to Show Detailed Process Information
  • Ability to Scan Process Environment Files
  • Memory dumps automatically remove Unicode characters, which allows processing with other tools or manually

Getting started

Downloading: git clone https://github.com/rek7/mXtract

Compiling: cd mXtract && sh compile.sh

This will create the directory bin/ and compile the binary as mXtract

Commands
General:
        -v      Enable Verbose Output
        -s      Suppress Banner
        -h      Help
        -c      Suppress Colored Output
Target and Regex:
        -i      Show Detailed Process/User Info
        -a      Scan all Memory Ranges not just Heap/Stack
        -e      Scan Process Environment Files
        -r=     Regex Database to Use
        -p=     Specify Single PID to Scan
Output:
        -wm     Write Raw Memory to File Default Directory is: 'pid/'
        -wi     Write Process Info to Beginning of File (Used in Conjunction with -w)
        -wr     Write Regex Output to File (Will Appear in the Output Directory)
        -f=     Regex Results Filename Default is: 'regex_results.txt'
        -d=     Custom Ouput Directory