4 个仓库
Mechanisms to install taps on emulated address ranges to monitor or modify data during CPU access.
Distinct from Emulated Memory Access: Active interception/trapping of access for monitoring, rather than just reading/writing values to a space.
Explore 4 awesome GitHub repositories matching software engineering & architecture · Memory Access Interception. Refine with filters or upvote what's useful.
This project is a suite of runtime diagnostic tools designed to detect memory leaks, concurrency races, and language-specification violations during software execution. It provides a collection of dynamic analysis tools that identify addressability issues, uninitialized memory usage, and memory safety bugs in applications. The toolset includes a thread safety analyzer to identify data races and deadlocks in concurrent code, as well as an undefined behavior sanitizer to detect operations that violate language specifications. The system covers broad capabilities in memory safety monitoring and
Provides interception of memory access to monitor heap usage and detect invalid frees.
MAME is a vintage hardware emulation platform designed to recreate the circuitry of arcade games, computers, and consoles to run original software on modern devices. It functions as a retro gaming preservation framework for managing, verifying, and archiving ROM sets and disk images to ensure long-term software accessibility. The project features a system debugging tool for inspecting emulated memory, CPU registers, and execution flow via breakpoints and disassembly. It also includes a Lua-based automation layer that exposes core system state and hardware controls for custom behavior and anal
Provides mechanisms to install taps on emulated address ranges to monitor or modify data during CPU access.
Qira 是一个为 QEMU 模拟器设计的运行时分析工具和交互式二进制调试器。它作为一个二进制执行跟踪器,记录指令调用的完整时间线,并提供一个用于监视客户进程内内存操作的系统。 该项目通过跟踪指令级执行并将原始内存地址映射到用户定义的注释,实现了对编译二进制文件的分析。它包括用于管理执行分支的状态快照功能,允许导航不同的逻辑路径,并在记录的时间线上的任何单点检查 CPU 寄存器状态和系统调用参数。 该系统涵盖了广泛的动态程序分析和二进制逆向工程任务。这包括监视内存访问模式以识别修改特定数据的指令、在受控环境中分析恶意软件行为以及进行软件漏洞研究。
Tracks read and write operations to specific memory addresses during the runtime of a guest process.
HyperDbg is a hardware-assisted kernel-mode debugging platform that leverages virtualization to monitor and control system execution. By utilizing hypervisor-level primitives, it enables deep system analysis and instrumentation without relying on standard operating system debugging interfaces. The framework provides a comprehensive environment for inspecting both kernel and user-mode processes, allowing for granular control over execution flow and system state. The project distinguishes itself through a transparent debugging layer designed to remain invisible to the target environment. It emp
Identifies which instructions read from or write to specific memory structures.