Malware Behavior Analyzer
Updated Jun 1, 2017 - C
A simple Rust wrapper around LibVMI for virtual machine introspection (very incomplete)
Rust reimplementation of LibVMI
A simple honeypot with LibVMI and Volatility
Rust bindings to KVM's introspection libkvmi library
Data structure detection with neural networks.
Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)
Detecting x86 paging structures in raw memory.
A ProcInjectionsFind Volatility plugin that runs against malware-infected memory images or the memory of live VMs and examines each memory region of all running processes to conclude if it is the result of process injection.
Virtual Machine Introspection (VMI) for memory forensics and machine-learning.
KVM-based Virtual Machine Introspection