[panda-users] osi plugin

Manolis Stamatogiannakis mstamat at gmail.com
Mon Dec 15 10:13:34 EST 2014


I'm primarily interested in support for Linux. I would like to have
callbacks on process-related events (process creation, file operations by a
specific process, etc.).

The code from the linux_vmi plugin works in principle, but is too messy. So,
I'm thinking of weeding it out and migrating it to the osi API. Does this
sound like a reasonable goal?

The folks at Stony Brook could have similar goals, so putting me in touch
with them would be great.

Thanks!
Manolis

2014-12-15 15:51 GMT+01:00 Brendan Dolan-Gavitt <brendandg at gatech.edu>:
>
> A prototype implementation for Windows 7 introspection is available that
> implements most of the API (kernel module listing is missing right now).
> You can have a look at
>
> https://github.com/moyix/panda/tree/master/qemu/panda_plugins/win7x86intro
>
> to see the code that implements Win7 introspection.
>
> Other OSes aren't implemented right now; I've been told there are some
> people at Stony Brook that are working on Linux support, and I can put you
> in touch with them if you're interested.
>
> Is there more you want from OSI that's not there yet?
>
> -Brendan
>
> On Mon, Dec 15, 2014 at 9:03 AM, Manolis Stamatogiannakis <
> mstamat at gmail.com> wrote:
> > Is there any ongoing work on the osi plugin? Or is it just in the "todo"
> > list?
> >
> > Thanks,
> > Manolis