VAMPY – Minimal tool for RAM dumping
Vampy is a minimal tool for RAM dumping. To use VAMPY, we first need to become familiar with its basic usage.
Use frida-ps to get process names and PIDs.
Once we have the process name and PID of the running process we would like to dump, we can use the command below.
$python vampy.py -p firefox-esr
The output file will be saved to VAMPY’s current working directory. You can change the output directory of the dump with the -o option.
-o, --output <DIRECTORY/PATH> Output directory to store dump results
(strings of all dumped data will be saved in the local directory)
To install VAMPY on Linux, we need to open a new terminal and use the commands below to clone and run VAMPY.
git clone https://github.com/m4n3dw0lf/vampy
cd vampy
chmod +x vampy.py
python vampy.py
usage:
  -o, --output <DIRECTORY/PATH>   Output directory to store dump results
                                  (strings of all dumped data will be saved in the local directory)
  -p, --process <NAME>            Name of application to dump
tips:
  Use frida-ps to get process names and PIDs
  e.g: $python vampy.py -p firefox-esr