Amazon Linux Metadata Repository

ALL VENDORS, PLEASE

cyb3rops-tweet

https://twitter.com/cyb3rops/status/1399634705323073536

NOPE, VERY REASONABLE

Ideally, each vendor would become the source of truth for their respective products that is always current.

Creating a standardized format would require a happy balance of what is possible to collect in a reasonable amount of time to support ephemeral systems.

Getmeta captures these fields from all Amazon Linux AMIs hosted in Ohio (US-EAST-2) from August 2016 to the present.

  • path
  • host
  • source
  • size
  • sha256
  • mask
  • uid
  • gid
  • mtime
  • magic

https://github.com/4n6ir/getmeta

The pipeline also collects symbol information extracted from the System.map file for memory forensics with Volatility3.

https://github.com/volatilityfoundation/dwarf2json

DOWNLOAD

metavault-github

https://github.com/4n6ir/metavault