Monitoring any execution inside .text section
chico-depressive opened this issue · 2 comments
Hey @tandasat, amazing job dude, I love your code!
I am trying to find out whether DdiMon can be used to detect execution inside some memory range, or whether it can be used only for inline hooking?
Does it put the whole OS in supervised mode? Is it possible to run it inside VirtualBox?
Hey,
This is designed for inline hooking, and detection of execution is not the bread and butter of this project.
MemoryMon (https://github.com/tandasat/MemoryMon/) is written exactly for that purpose, however. I may want to check it out. It monitors execution of pool, and only for kernel mode, though.
Yes, all my hypervisors virtualize the whole OS, and cannot run inside VirtualBox.
@tandasat thank you, sir, for your help! I am going to read the source code of MemoryMon.