Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/netanelc305/heimdall
Virtual Machine introspection tool
- Host: GitHub
- URL: https://github.com/netanelc305/heimdall
- Owner: netanelc305
- License: gpl-3.0
- Created: 2023-09-28T07:22:09.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2024-11-14T16:25:02.000Z (about 2 months ago)
- Last Synced: 2024-11-14T17:25:21.058Z (about 2 months ago)
- Topics: introspeciton, kvm, linux, macos, security, vm, windows, xen
- Language: Python
- Homepage: https://heimdal.readthedocs.io/en/latest/
- Size: 4 MB
- Stars: 3
- Watchers: 2
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
[![Documentation Status](https://readthedocs.org/projects/heimdal/badge/?version=latest)](https://heimdal.readthedocs.io/en/latest/?badge=latest)
`Heimdall` is a Virtual Machine (VM) introspection tool built on top of [`libvmi`](https://github.com/libvmi/libvmi) that simplifies memory inspection and manipulation with OS-level abstractions.

Named after the all-seeing Norse guardian, `Heimdall` offers deep visibility into VM memory through its interactive Python shell, allowing users to directly access and modify kernel structures. This includes retrieving process lists, modifying attributes like PID or process name, and interacting with other kernel data structures. `Heimdall` also supports accessing a process's execution context, providing powerful insights and control over VM internals.

This project is highly inspired by:
- [Hilda](https://github.com/doronz88/hilda.git): A powerful wrapper over the LLDB debugger for advanced debugging and binary analysis.
- [Volatility](https://github.com/volatilityfoundation/volatility): A memory forensics framework for analyzing volatile memory.
- [DRAKVUF](https://github.com/tklengyel/drakvuf): A virtualization-based agentless monitoring system for malware analysis.
- [rpc-project](https://github.com/doronz88/rpc-project.git): Minimalistic server (written in C) and a python3 client to allow calling native functions on a remote host for automation purposes.