Tool and Usage
The swap_digger tool helps with extracting sensitive data from a mounted swap partition. It can be used for forensics, post exploitation, or data discovery.
Why this tool?
Swap memory is similar to active memory and may contain sensitive details.
Examples of sensitive data artifacts:
- Login accounts and passwords
- GPG keys
- Master keys of password managers
- Email addresses
- WiFi SSID details and keys
- Samba credentials
- Other authentication details
How it works
The tool reads the swap file or files, which are often discovery via the /proc/swaps file. It then starts digging through its contents in the hunt for useful information.
Usage and audience
This tool is categorized as a data excavation tool.
swap_digger is commonly used for data extraction, information gathering, or penetration test. Target users for this tool are pentesters and security professionals.
- swap_digger is written in shell script
- Command line interface
- + The source code of this software is available
Author and Maintainers
Swap_digger is under development by Emeric Nasi.
Support operating systems
Swap_digger is known to work on Linux.
|Latest release||1.0 [2017-08-07]|
|Last updated||Nov. 5, 2017|
|Detailed information about swap_digger|
|swap_digger GitHub project|