KVM-based Virtual Machine Introspection

Malware Behavior Analyzer

No description provided.

Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.

Virtual Machine Introspection (VMI) for memory forensics and machine-learning.

Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)

Remote inspection support for confidential AMD SEV-SNP VMs.

A simple Rust wrapper around LibVMI for virtual machine introspection (very incomplete)

Rust bindings to KVM's introspection libkvmi library

Rust reimplementation of LibVMI

Data structure detection with neural networks.

Detecting x86 paging structures in raw memory.

a simple honeypot with LibVMI and Volatility

A script using electron and system information to provide monitoring capabilities to admins and users.

No description provided.

A ProcInjectionsFind volatility plugin runs against malware-infected memory images or memory of live VMs and examines each memory region of all running processes to conclude if it is the result of process injection.