8 repositorios
Utilities for recording the configuration of logical-to-physical memory mappings.
Distinct from Memory Mapping Utilities: Focuses on exporting the configuration of the memory map, not the technique of mapping files to memory.
Explore 8 awesome GitHub repositories matching operating systems & systems programming · Memory Map Exporting. Refine with filters or upvote what's useful.
你管这破玩意叫操作系统源码 — 像小说一样品读 Linux 0.11 核心代码
Describes memory layout, segmentation, and paging through concrete address-space diagrams from the kernel.
This project is a bare-metal operating system developed for ARM64 architecture. It serves as a low-level implementation of kernel engineering, focusing on the fundamental construction of an OS from the hardware level up. The system is distinguished by its comprehensive approach to ARM64 processor control, featuring a red-black tree task scheduler and a hierarchical page table system for virtual memory management. It implements a sophisticated privilege model that handles transitions between kernel and user modes, ensuring process isolation through address space splitting and exception level m
Maps continuous physical memory in 2 MB sections instead of 4 KB pages to reduce translation table levels.
pwndbg is a GDB plugin and binary analysis framework designed for reverse engineering, exploit development, and low-level program analysis. It extends the core functionality of the debugger to provide advanced memory inspection and automation tools. The project distinguishes itself with specialized capabilities for heap analysis across glibc, jemalloc, and musl, as well as a comprehensive kernel debugging toolkit for inspecting Linux kernel tasks and slab allocators. It includes an integrated ROP gadget searcher for constructing exploit chains and an LLM-powered debugging assistant that provi
Parses ELF headers and memory maps to resolve symbols, PLT entries, and section permissions.
MAME is a vintage hardware emulation platform designed to recreate the circuitry of arcade games, computers, and consoles to run original software on modern devices. It functions as a retro gaming preservation framework for managing, verifying, and archiving ROM sets and disk images to ensure long-term software accessibility. The project features a system debugging tool for inspecting emulated memory, CPU registers, and execution flow via breakpoints and disassembly. It also includes a Lua-based automation layer that exposes core system state and hardware controls for custom behavior and anal
Records the current logical-to-physical memory mapping configuration of emulated devices to a log file.
GEF is a Python-based extension for GDB that serves as a framework for binary analysis, exploit development, and low-level debugging. It functions as a dynamic analysis extension designed to assist in reverse engineering workflows and malware analysis by enhancing the debugger's ability to inspect process state and memory. The project is distinguished by its specialized heap analysis tools, which allow for the inspection of glibc heap arenas, bins, and chunks to detect memory corruption. It also provides a dedicated toolkit for exploit development, including cyclic pattern generation for offs
Provides a comprehensive view of the process memory space with filtering by address, register, or section.
100 Go Mistakes is a reference book and code review companion that catalogues frequent Go programming anti-patterns and provides corrected implementations for each one. It covers a wide range of common pitfalls, from range loop variable capture and interface nil handling to error wrapping and map iteration randomization, helping developers recognize and avoid these issues in their own code. The project distinguishes itself by offering a structured, example-driven approach to learning idiomatic Go. It covers core design decisions such as when to use pointer versus value receivers, how to apply
Explains how to prevent memory leaks from Go map buckets that never shrink.
pcileech is a toolkit for executing DMA attacks, analyzing PCIe bus traffic, performing kernel patching, and conducting remote volatile memory forensics. It functions as a hardware memory acquisition tool and a PCIe DMA attack framework designed to read and write remote system memory via direct hardware interfaces. The project provides capabilities for capturing and displaying raw transaction layer packets from the PCIe bus and mounting live RAM as local drives for analysis. It enables the modification of system memory signatures and the execution of shellcode or implants within the kernel wi
Maps remote physical memory addresses to local virtual memory for real-time exploration as a mounted filesystem.
MemProcFS es una herramienta de análisis de memoria volátil y un sistema de adquisición de memoria multiplataforma. Funciona como un sistema de archivos virtual de análisis forense de memoria, mapeando la memoria física y los objetos del kernel en una estructura de directorio virtual que permite a los usuarios analizar artefactos del sistema utilizando herramientas estándar de sistema de archivos. El proyecto se distingue por proporcionar un sistema de archivos virtual para análisis forense de memoria, permitiendo navegar y consultar la memoria física como archivos y carpetas de solo lectura. También incorpora un escáner de memoria basado en Yara para identificar firmas de malware y código inyectado dentro de la memoria física. El motor cubre una amplia gama de capacidades forenses, incluyendo inspección de procesos e hilos, listado de conexiones de red y análisis del registro de Windows. Admite la ingesta de datos desde sistemas en vivo, volcados de memoria (crash dumps) y máquinas virtuales, mientras proporciona resolución de símbolos para traducir direcciones de memoria sin procesar en nombres significativos. La integración se admite mediante una interfaz programática multilingüe y envoltorios de biblioteca nativos para C y Java, así como scripting en Python para flujos de trabajo automatizados.
Acquires remote physical memory and presents it as a local virtual filesystem for exploration.