KVM-based Virtual Machine Introspection
Malware Behavior Analyzer
Virtual Machine Introspection (VMI) for memory forensics and machine learning.
Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)
A simple Rust wrapper around LibVMI for virtual machine introspection (very incomplete)
Rust bindings to KVM's introspection libkvmi library
Rust reimplementation of LibVMI
Remote inspection support for confidential AMD SEV-SNP VMs.
Data structure detection with neural networks.
Detecting x86 paging structures in raw memory.
A script using Electron and system information to provide monitoring capabilities to admins and users.
A simple honeypot with LibVMI and Volatility
A ProcInjectionsFind Volatility plugin that runs against malware-infected memory images or memory of live VMs and examines each memory region of all running processes to conclude if it is the result of process injection.