Security/Mentorships/MWoS/2014/Cross-platform memory scanning in Go: Difference between revisions

Security/Mentorships/MWoS/2014/Cross-platform memory scanning in Go (view source)

32 bytes removed , 8 August 2014

3

edits

@@ Line 20: / Line 20: @@
 === 2014-08-08 ===
 Summary of the week
-    * Linux program to check libs for regexp done.
+* Linux program to check libs for regexp done.
-    * Port windows EnumProcessModules to go: 50% (only ported EnumProcesses and started with EnumProcessModules)
+* Port windows EnumProcessModules to go: 50% (only ported EnumProcesses and started with EnumProcessModules)
-    * Mac: Program to list memory regions of a pid. This enables us to do vm_read to read
+* Mac: Program to list memory regions of a pid. This enables us to do vm_read to read arbitrary memory addresses.
-arbitrary memory addresses.
+* We have now a repository on github: https://github.com/mozilla/migmem
-    * We have now a repository on github: https://github.com/mozilla/migmem
 Plan for next week:
-   *Researh more about Mac, read The art of memory forensics.
+*Researh more about Mac, read The art of memory forensics.
-   *Read about: Hollow process detection
+*Read about: Hollow process detection
-   ** influence of ASLR ? /proc/sys/kernel/randomize_va_space
+** influence of ASLR ? /proc/sys/kernel/randomize_va_space
-   * Finish porting windows EnumProcessModules to go.
+* Finish porting windows EnumProcessModules to go.
-   *Write a symbol table attack in C and write the module that detects it.
+*Write a symbol table attack in C and write the module that detects it.
 === 2014-08-01 ===