KVM-based Virtual Machine Introspection
Updated Nov 2, 2024 - Jinja
KVM-based Virtual Machine Introspection
Malware Behavior Analyzer
Virtual Machine Introspection (VMI) for memory forensics and machine-learning.
Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)
A simple Rust wrapper around LibVMI for virtual machine introspection (very incomplete)
Rust bindings to KVM's introspection libkvmi library
Rust reimplementation of LibVMI
Data structure detection with neural networks.
Detecting x86 paging structures in raw memory.
A simple honeypot with LibVMI and Volatility
A script using Electron and system information to provide monitoring capabilities to admins and users.
The ProcInjectionsFind Volatility plugin runs against malware-infected memory images or the memory of live VMs and examines each memory region of all running processes to determine whether it is the result of process injection.