Light

gdatasoftwareag / smartvmi Goto Github PK

View Code? Open in Web Editor NEW

23.0 14.0 5.0 1.03 MB

Virtual Machine Introspection (VMI) for memory forensics and machine-learning.

Home Page: http://www.smartvmi.org

License: MIT License

CMake 2.26% Rust 3.24% C++ 81.23% Dockerfile 0.18% Shell 0.01% HTML 12.46% Python 0.62%

virtual-machine-introspection vmi malware-analysis malware-research memory-forensics

smartvmi's Introduction

SmartVMI

Virtual Machine Introspection (VMI) for memory forensics and machine-learning.

SmartVMI Code

VmiCore

The SmartVMI project is split into a core component which manages access to the virtual machine and provides a high abstraction layer for ease of plugin implementation. See VmiCore Readme for additional information as well as how to build/use this project.

Plugins

To allow for easy extension SmartVMI provides a plugin interface. For information about writing your own plugin see the Plugins Readme. You can find already implemented plugins which also serve as examples for how to use this project in the plugins folder. For additional information see the corresponding plugin readme:

Template Stripped down plugin to take your first steps with plugin development.
InMemoryScanner
ApiTracing

SmartVMI Research Project

The project “Synthesizing ML training data in the IT security domain for VMI-based attack detection and analysis” ( SmartVMI) is a research project funded by the BMBF and DLR. See: www.smartvmi.org for more information.

smartvmi's People

Contributors

Stargazers

Watchers

Forkers

ssentanoe smartvmi gmh5225 xrv3ovl

smartvmi's Issues

Breakpoint API: `BpResponse::Deactivate` always deletes physical breakpoint

BpResponse::Deactivate will always result in the physical breakpoint being deleted. This might break the workflow for other Breakpoint objects that have subscribed to the same breakpoint event.

Interrupt callback called twice

Rework breakpoint mechanism

Now that we have added the required funtionality to KVMi we can rework the breakpoint API in order to incorporate SLAT switches. This would enable us to use guests with more than one vCPU. It would also increase performance in situations where the memory page that contains a breakpoint is read by the guest.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.