2 Repos
Utilities for retrieving runtime information about the executing process, such as file paths and identifiers.
Distinct from File Path Locators: Candidates focus on recursive file searching or AI execution paths, not retrieving the active process's own executable path.
Explore 2 awesome GitHub repositories matching operating systems & systems programming · Process Metadata Extraction. Refine with filters or upvote what's useful.
pwndbg is a GDB plugin and binary analysis framework designed for reverse engineering, exploit development, and low-level program analysis. It extends the core functionality of the debugger to provide advanced memory inspection and automation tools. The project distinguishes itself with specialized capabilities for heap analysis across glibc, jemalloc, and musl, as well as a comprehensive kernel debugging toolkit for inspecting Linux kernel tasks and slab allocators. It includes an integrated ROP gadget searcher for constructing exploit chains and an LLM-powered debugging assistant that provi
Identifies the absolute path of the binary currently being executed or debugged.
Falco is an eBPF runtime security monitor and cloud native detection engine that identifies abnormal behavior and security threats across hosts and containers. It functions as a Linux kernel event auditor, capturing system calls and kernel events in real-time to detect malicious activity. The system distinguishes itself through a rule-based threat detection model that evaluates system activity against a library of community-maintained rules and custom security definitions. It enriches raw kernel events with container and Kubernetes metadata to provide observability into isolated environments
Evaluates the executable path and process ancestry of executing threads to identify malicious activity.