2 个仓库
Inserting and executing binary code within the address space of a running process.
Distinct from Process Address Space Analysis: Candidates focus on address space analysis or allocation, not the active injection and execution of code blobs.
Explore 2 awesome GitHub repositories matching operating systems & systems programming · Live Process Code Injection. Refine with filters or upvote what's useful.
Dobby 是一个动态函数 Hook 框架和二进制插桩工具,旨在拦截和重定向编译二进制文件中的函数调用。它是一个跨平台、跨架构的库,为在不同操作系统和 CPU 架构上修改程序执行流提供了统一的接口。 该库通过向运行中的进程注入自定义处理程序,实现底层二进制插桩和运行时应用插桩。它常用于软件逆向工程,通过 Hook 内部函数来观察实时数据流和逻辑。 该框架涵盖了二进制补丁、运行时符号解析以及动态蹦床(trampoline)生成。它管理特定平台的内存保护,并将通用的 Hook 请求映射为特定架构的操作码,通过基于指令的 Hook 来重定向执行。
Injects custom logic into process memory while maintaining correct relative addresses for execution.
CRIU is a Linux process checkpointing tool and state manager used to freeze running applications and save their memory and state to disk for later restoration. It functions as a container migration engine and an OCI checkpoint image converter, allowing the live state of running containers to be transferred between different hosts. The project distinguishes itself through its ability to persist network connectivity, acting as a TCP connection state persister that saves and reconstructs network socket states to maintain active communication after a restart. It further enables the distribution o
Inserts and executes binary blobs within live processes to extract internal state without termination.