lets try this

trolldbois · Jul 3, 2017 · 7e0cbb0 · 7e0cbb0
1 parent 7631baf
commit 7e0cbb0
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 38 deletions.
diff --git a/docs/capture-a-memory-dump.rst → docs/capture-process-memory.rst b/docs/capture-a-memory-dump.rst → docs/capture-process-memory.rst
@@ -45,13 +45,20 @@ Making your own memory mappings handler
 =======================================
 
 If you have a different technique to access a process memory, you can implement the
-``haystack.abc.IMemoryLoader`` and ``haystack.abc.IMemoryMapping`` interface for
+``haystack.abc.interfaces.IMemoryLoader`` and ``haystack.abc.interfaces.IMemoryMapping`` interface for
 your favorite technique.
 Check out the `Frida plugin <https://github.com/trolldbois/python-haystack/blob/master/haystack/mappings/fridaprocess.py>`_
 for example.
 
 Alternatively, if you can copy the process' memory mappings to file, you can "interface"
 with the basic, simple, haystack memory dump file format by doing the following:
 The basic format is a folder containing each memory mapping in a separate file :
-  - memory content in a file named after it's start/end addresses ( ex: 0x000700000-0x000800000 )
-  - a file named 'mappings' containing memory mappings metadata.  ( ex: mappings )
+ - memory content in a file named after it's start/end addresses ( ex: 0x000700000-0x000800000 )
+ - a file named 'mappings' containing memory mappings metadata.  ( ex: mappings )
+
+
+.. autoclass:: haystack.abc.interfaces.IMemoryLoader
+   :members:
+
+.. autoclass:: haystack.abc.interfaces.IMemoryMapping
+   :members:
diff --git a/docs/getting-started.rst b/docs/getting-started.rst
diff --git a/docs/index.rst b/docs/index.rst
@@ -44,9 +44,8 @@ Contents:
 
 .. toctree::
   installation
-  getting-started
-  capture-process-memory
   usage
+  capture-process-memory
 
 .. _python-haystack: https://github.com/trolldbois/python-haystack/
 .. _python-haystack-reverse: https://github.com/trolldbois/python-haystack-reverse/

diff --git a/docs/usage.rst b/docs/usage.rst
@@ -1,7 +1,17 @@
-.. _command-line:
+.. _usage:
+
+Usage
+=====
+
+First you need to install python-haystack_. Please refer to the
+:ref:`installation` section of the documentation.
+
+Then you need a process memory dump. Please refer to the :ref:`capture-process-memory`
+section of the documentation.
+We will name the process memory dump `memory.dmp` for the rest of this documentation.
 
 Command line usage
-==================
+------------------
 
 A few entry points exists for different purposes
 
@@ -19,8 +29,12 @@ You can use the following URL to designate your memory handler/dump:
  - ``volatility://`` load a volatility image
 
 API usage
-=========
+---------
 
 .. automodule:: haystack.search.api
    :members:
 
+.. _python-haystack: https://github.com/trolldbois/python-haystack/
+.. _python-haystack-reverse: https://github.com/trolldbois/python-haystack-reverse/
+.. _python-haystack-gui: https://github.com/trolldbois/python-haystack-gui/
+.. _python-haystack-docs: https://github.com/trolldbois/python-haystack-docs/