Changes

=== Success Criteria ===
== Updates ==
=== 2014-08-08 ===
Summary of the week
* Linux program to check libs for regexp: done.
* Port Windows EnumProcessModules to Go: 50% (only ported EnumProcesses and started on EnumProcessModules)
* Mac: Program to list memory regions of a pid. This enables us to do vm_read to read arbitrary memory addresses.
* We now have a repository on GitHub: https://github.com/mozilla/migmem
 
Plan for next week:
* Research more about Mac, read The Art of Memory Forensics.
* Read about: Hollow process detection
** Influence of ASLR? /proc/sys/kernel/randomize_va_space
* Finish porting Windows EnumProcessModules to Go.
* Write a symbol table attack in C and write the module that detects it.
 
=== 2014-08-01 ===
Summary of the week: