
Friday, January 19, 2018

A Linux version of the ProcDump Sysinternals tool - ProcDump for Linux

ProcDump is a Linux reimagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows. ProcDump provides a convenient way for Linux developers to create core dumps of their application based on performance triggers.

Installation & Usage

Requirements
  • Minimum OS: Ubuntu 14.04 LTS (Desktop or Server)
    • We are actively testing against other Linux distributions. If you have requests for specific distros, please let us know (or create a pull request with the necessary changes).
  • gdb (>=7.7.1)

Install ProcDump

Via Package Manager [preferred method]

1. Add the Microsoft Product feed
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg

Register the Microsoft Product feed

Ubuntu 16.04
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-xenial-prod xenial main" > /etc/apt/sources.list.d/microsoft.list'

Ubuntu 14.04
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-trusty-prod trusty main" > /etc/apt/sources.list.d/microsoft.list'

2. Install Procdump
sudo apt-get update
sudo apt-get install procdump

Via .deb Package
Pre-Depends: dpkg(>=1.17.5)

1. Download .deb Package

Ubuntu 16.04
wget https://packages.microsoft.com/repos/microsoft-ubuntu-xenial-prod/pool/main/p/procdump/procdump_1.0_amd64.deb

Ubuntu 14.04
wget https://packages.microsoft.com/repos/microsoft-ubuntu-trusty-prod/pool/main/p/procdump/procdump_1.0_amd64.deb

2. Install Procdump
sudo dpkg -i procdump_1.0_amd64.deb
sudo apt-get -f install
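The installation steps above have two points where a practitioner usually wants a check before touching the system: the gdb version requirement (>= 7.7.1) and the exact APT feed line for the Ubuntu release in use. The pre-flight script below is an added example, not part of the ProcDump project or of the original post. It assumes only what the page shows: the repository naming pattern microsoft-ubuntu-<codename>-prod for the two codenames listed (xenial, trusty) and the first line of `gdb --version` as the source of the version string.

```shell
#!/bin/sh
# Pre-flight checks for installing ProcDump for Linux (example code, not the
# project's own). Assumes the feed names shown on the page
# (microsoft-ubuntu-<codename>-prod) and only the codenames the page lists.

# version_ge A B: succeed when dotted version A is >= B, comparing field by
# field as integers (7.11.1 >= 7.7.1, which a plain string compare gets wrong).
version_ge() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        # Drop the leading field; an input with no dot left has no remainder.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        fa=${fa:-0}; fb=${fb:-0}
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
    done
    return 0
}

# gdb_version_ok LINE: LINE is the first line of `gdb --version`, e.g.
# "GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1". Takes the last token,
# strips any non-numeric suffix, and requires the page's minimum of 7.7.1.
gdb_version_ok() {
    line=$1
    ver=${line##* }
    ver=$(printf '%s\n' "$ver" | sed 's/[^0-9.].*$//')
    [ -n "$ver" ] && version_ge "$ver" 7.7.1
}

# microsoft_apt_line CODENAME: print the sources.list entry for the feed,
# refusing codenames the page does not document. Write it to the absolute
# path /etc/apt/sources.list.d/microsoft.list.
microsoft_apt_line() {
    case $1 in
        xenial|trusty) ;;
        *) echo "unsupported codename: $1" >&2; return 1 ;;
    esac
    printf 'deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-%s-prod %s main\n' "$1" "$1"
}

# Only probe the live system when invoked as `sh preflight.sh check`, so the
# functions can be sourced or tested without requiring gdb or lsb_release.
if [ "${1:-}" = "check" ]; then
    if gdb_version_ok "$(gdb --version | head -n1)"; then
        echo "gdb: OK"
    else
        echo "gdb >= 7.7.1 is required" >&2
        exit 1
    fi
    codename=$(lsb_release -sc)
    echo "APT line for $codename:"
    microsoft_apt_line "$codename"
fi
```

Run `sh preflight.sh check` before the `apt-get install procdump` step; it exits non-zero if gdb is too old or the release is not one of the two the feed is documented for, and otherwise prints the exact line to place in /etc/apt/sources.list.d/microsoft.list.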

Uninstall

Ubuntu 14.04+
sudo apt-get purge procdump

Usage
Usage: procdump [OPTIONS...] TARGET
   OPTIONS
      -C          CPU threshold at which to create a dump of the process from 0 to 200
      -c          CPU threshold below which to create a dump of the process from 0 to 200
      -M          Memory commit threshold in MB at which to create a dump
      -m          Trigger when memory commit drops below specified MB value.
      -n          Number of dumps to write before exiting
      -s          Consecutive seconds before dump is written (default is 10)
   TARGET must be exactly one of these:
      -p          pid of the process

Examples
The following examples all target a process with pid == 1234
The following will create a core dump immediately.
sudo procdump -p 1234
The following will create 3 core dumps 10 seconds apart.
sudo procdump -n 3 -p 1234
The following will create 3 core dumps 5 seconds apart.
sudo procdump -n 3 -s 5 -p 1234
The following will create a core dump each time the process has CPU usage >= 65%, up to 3 times, with at least 10 seconds between each dump.
sudo procdump -C 65 -n 3 -p 1234
The following will create a core dump each time the process has CPU usage >= 65%, up to 3 times, with at least 5 seconds between each dump.
sudo procdump -C 65 -n 3 -s 5 -p 1234
The following will create a core dump when CPU usage is outside the range [10,65].
sudo procdump -c 10 -C 65 -p 1234
The following will create a core dump when CPU usage is >= 65% or memory usage is >= 100 MB.
sudo procdump -C 65 -M 100 -p 1234