3
edits
Security/Mentorships/MWoS/2014/Cross-platform memory scanning in Go: Difference between revisions
Security/Mentorships/MWoS/2014/Cross-platform memory scanning in Go (view source)
Revision as of 18:09, 14 September 2014
, 14 September 2014→Updates: 2014-09-12 week
m (→2014-09-05) |
Aemartinez (talk | contribs) (→Updates: 2014-09-12 week) |
||
| Line 18: | Line 18: | ||
=== Success Criteria === | === Success Criteria === | ||
== Updates == | == Updates == | ||
=== 2014-09-12 === | |||
Summary of the week: | |||
* We have working versions for memory grepper on linux and windows. | |||
** discussion about sliding the memory buffer to apply a regex against it. | |||
* Moved everything to different folders (package listlibs and memsearch) | |||
** try to keep consistent naming across files, avoid uppercase in filenames | |||
* Refactor listlibs so it can return the soft errors (files that it couldn't access) | |||
* Tested reading invalid memory sections in Windows: ReadProcessMemory with an invalid address won't do any harm. | |||
For next week(s): | |||
*pgrep functionality for linux/windows/mac (given the regex of an executable, return a list of pids) | |||
*Optimize the way we are searching for a string in memory in linux to minimize the memory reads. | |||
*Investigate how to implement a grep like functionality to search for a string in memory. | |||
*Also match on binary strings (hex strings) | |||
=== 2014-09-05 === | === 2014-09-05 === | ||