netanelc305/Heimdall

Heimdall is a Virtual Machine (VM) introspection tool built on top of libvmi that simplifies memory inspection and manipulation with OS-level abstractions.

Named after the all-seeing Norse guardian, Heimdall offers deep visibility into VM memory through its interactive Python shell, allowing users to directly read and modify kernel structures. This includes retrieving the process list, modifying attributes such as a task's PID or process name, and interacting with other kernel data structures. Heimdall also supports accessing a process's execution context, giving detailed insight into, and control over, VM internals.
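To make the "OS-level abstraction over raw memory" concrete, here is an added example (not Heimdall's or libvmi's own code) that models the core operation described above: walking the Linux task list from `init_task`, then patching a task's `comm` and `pid` fields. Everything is constructed for the example: the guest memory is an in-process `bytearray`, the `task_struct` offsets and kernel base address are hypothetical, and `GuestMemory` stands in for the read/write-by-virtual-address primitives a VMI library exposes. On a real guest the offsets would come from the kernel profile (in libvmi's Python binding, `vmi.get_offset("linux_tasks")`, `"linux_pid"` and `"linux_name"`, with `vmi.translate_ksym2v("init_task")` for the list head), and the reads and writes would go through the hypervisor instead of a byte buffer.

```python
import struct

# Layout of the modelled task_struct. These offsets are chosen for the example
# (hypothetical, not real kernel values); COMM_LEN matches Linux's TASK_COMM_LEN.
TASKS_OFFSET = 0x10   # struct list_head tasks { next, prev }
PID_OFFSET = 0x20     # pid_t pid (32-bit)
COMM_OFFSET = 0x24    # char comm[16]
TASK_SIZE = 0x40
COMM_LEN = 16
KERNEL_BASE = 0xFFFFFFFF81000000  # pretend kernel VA at which the tasks live


class GuestMemory:
    """Stand-in for a VMI library's virtual-address read/write primitives,
    backed by a constructed bytearray instead of a running VM."""

    def __init__(self, base: int, image: bytearray):
        self.base = base
        self.image = image

    def _off(self, va: int, size: int) -> int:
        off = va - self.base
        if off < 0 or off + size > len(self.image):
            raise ValueError(f"virtual address {va:#x} is outside the modelled region")
        return off

    def read_addr(self, va: int) -> int:
        return struct.unpack_from("<Q", self.image, self._off(va, 8))[0]

    def read_u32(self, va: int) -> int:
        return struct.unpack_from("<I", self.image, self._off(va, 4))[0]

    def write_u32(self, va: int, value: int) -> None:
        struct.pack_into("<I", self.image, self._off(va, 4), value)

    def read_str(self, va: int, max_len: int) -> str:
        off = self._off(va, max_len)
        raw = bytes(self.image[off:off + max_len])
        return raw.split(b"\0", 1)[0].decode("ascii", "replace")

    def write_str(self, va: int, text: str, max_len: int) -> None:
        data = text.encode("ascii")
        # Keep the NUL terminator inside the fixed buffer: a 16-byte comm holds at
        # most 15 characters. An overlong write would clobber the following field.
        if len(data) >= max_len:
            raise ValueError(f"{text!r} does not fit in {max_len} bytes with a terminator")
        off = self._off(va, max_len)
        self.image[off:off + max_len] = data.ljust(max_len, b"\0")


def list_tasks(mem: GuestMemory, init_task_va: int) -> list:
    """Walk init_task.tasks (a circular list_head) and return (task_va, pid, comm)
    for every task_struct, init_task first, as libvmi's process-list example does."""
    head = init_task_va + TASKS_OFFSET
    entry = head
    seen = set()
    tasks = []
    while True:
        if entry in seen:
            raise RuntimeError("task list loops without returning to init_task (corrupt list?)")
        seen.add(entry)
        task = entry - TASKS_OFFSET  # container_of(entry, struct task_struct, tasks)
        tasks.append((task, mem.read_u32(task + PID_OFFSET),
                      mem.read_str(task + COMM_OFFSET, COMM_LEN)))
        entry = mem.read_addr(entry)  # tasks.next
        if entry == head:
            return tasks


def find_task(mem: GuestMemory, init_task_va: int, comm: str):
    """Return the task_struct VA whose comm matches, or None."""
    for task, _pid, name in list_tasks(mem, init_task_va):
        if name == comm:
            return task
    return None


def set_pid(mem: GuestMemory, task_va: int, new_pid: int) -> None:
    mem.write_u32(task_va + PID_OFFSET, new_pid)


def set_comm(mem: GuestMemory, task_va: int, new_comm: str) -> None:
    mem.write_str(task_va + COMM_OFFSET, new_comm, COMM_LEN)


def build_sample_image():
    """Constructed guest memory holding four linked task_structs (not a real dump)."""
    procs = [(0, "swapper/0"), (1, "systemd"), (742, "sshd"), (1203, "bash")]
    image = bytearray(TASK_SIZE * len(procs))
    mem = GuestMemory(KERNEL_BASE, image)
    n = len(procs)
    for i, (pid, comm) in enumerate(procs):
        task = KERNEL_BASE + i * TASK_SIZE
        nxt = KERNEL_BASE + ((i + 1) % n) * TASK_SIZE + TASKS_OFFSET
        prv = KERNEL_BASE + ((i - 1) % n) * TASK_SIZE + TASKS_OFFSET
        struct.pack_into("<QQ", image, i * TASK_SIZE + TASKS_OFFSET, nxt, prv)
        mem.write_u32(task + PID_OFFSET, pid)
        mem.write_str(task + COMM_OFFSET, comm, COMM_LEN)
    return mem, KERNEL_BASE  # init_task is the first struct in the image


if __name__ == "__main__":
    mem, init_task = build_sample_image()
    for task, pid, comm in list_tasks(mem, init_task):
        print(f"{task:#x} pid={pid:<5} comm={comm}")
    bash = find_task(mem, init_task, "bash")
    set_comm(mem, bash, "not-bash")
    set_pid(mem, bash, 31337)
    print(list_tasks(mem, init_task)[-1])
```

Two caveats carry over to a live guest. Renaming via `comm` is self-contained, but `task_struct.pid` is not the only place the kernel records a PID (the `struct pid` objects and their hash links also hold it), so rewriting that one field changes what a task-list walk reports without consistently re-identifying the process to the kernel. And because a VMI tool writes to memory the guest is concurrently using, the terminator check in `write_str` is the kind of guard you want before any in-place edit of a fixed-size kernel buffer.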

This project is heavily inspired by:

  • Hilda: A powerful wrapper over the LLDB debugger for advanced debugging and binary analysis.
  • Volatility: A memory forensics framework for analyzing volatile memory.
  • DRAKVUF: A virtualization-based, agentless monitoring system for malware analysis.
  • rpc-project: A minimalistic server (written in C) and a Python 3 client that allow calling native functions on a remote host for automation purposes.