target-dump#
With target-dump
you can export records of a specific function
used in target-query to a file.
The basic structure of a target-dump
command is as follows:
$ target-dump -f <comma_seperated_functions> <path_to_target>
Furthermore, the tool can apply certain compression algorithms to the dump, to create small archives of the output.
Usage#
target-dump - CLI interface#
dissect.target
target-dump [-h] -f FUNCTION [-c {bzip2,gzip,lz4,zstandard}] [--restart]
[-s {jsonlines,msgpack}] -o OUTPUT [--limit LIMIT] [-K KEYCHAIN_FILE]
[-Kv KEYCHAIN_VALUE] [-v] [-q] [--plugin-path PLUGIN_PATH [PLUGIN_PATH ...]]
TARGET [TARGET ...]
target-dump positional arguments#
TARGET
- targets to load (default:None
)
target-dump optional arguments#
-f
FUNCTION
,--function
FUNCTION
- one or more comma separated functions to execute (default:None
)-c
COMPRESSION
,--compression
COMPRESSION
- compression method (default:None
)--restart
- restart the session and overwrite the state file if it exists-s
SERIALIZATION
,--serialization
SERIALIZATION
- serialization method (default:jsonlines
)--limit
LIMIT
- limit number of records produced (default:None
)-K
KEYCHAIN_FILE
,--keychain-file
KEYCHAIN_FILE
- keychain file in CSV format (default:None
)-Kv
KEYCHAIN_VALUE
,--keychain-value
KEYCHAIN_VALUE
- passphrase, recovery key or key file path value (default:None
)--plugin-path
PLUGIN_PATH
- a file or directory containing plugins and extensions (default:None
)