Fermé

extend the PoolScanner class and extend the AbstractScanCommand class on Volatitlity framework

Building a Custom Pool Scanner

Volatility framework implements pool-scanning technique to allocate various objects in a given memory dump. The tool fully relies on PoolScanner class for the development and customization of scanner-based plugins. In this project, students are asked to extend and customize the behavior of new pool-scanner plugin. Your new pool-scanner plugin must be extended from PoolScanner class. The newly developed plugin must support object of type _EPROCESS with nonpaged and free memory allocations.

New command-line options must be integrated into the new pool-scanner plugin. You will extend the AbstractScanCommand class to customize the command-line options for your new pool-scanner plugin. The new plugin must be equipped with various command-line options which allow the user to tweak the behavior of the scanner. The following provides descriptions of the options that need to be implemented into the new pool-scanner plugin.

Command-line option descriptions:

-V/ --virtual: This command-line option support virtual kernel address space scanning feature. This enables you to scan only active pages for which the kernel currently has mapped

-W/--show-unallocated: This option controls whether the new plugin shows objects that operating system expliciltly marks as unallocated

-S/--start and -L/Length: These options provide you with capability of scanning the memory dump within a specific range of memory instead of the entire memory. The address is determined to be a location in physical memory or virtual depending on whether the -v/--virtual flag is set.

Deliverables:

• A document that describes the full implementation of the pool-scanner algorithm.

• A diagram that describes the behaviors of the pool-scanner algorithm for each of the implemented option

• The source files

• Samples runs of the new plugin

Compétences : Java, Computer Science, Programmation C, Programmation C++

Concernant le client :
( 0 commentaires ) Huntsville, United States

Nº du projet : #33657437

2 freelances font une offre moyenne de 120 $ pour ce travail

vladang

Hello... I am interested

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% USD en 7 jours
(223 Commentaires)
6.9
bernardkanyumu40

CUSTOM POOL SCANNER SOFTWARE DEVELOPER DEAR EMPLOYER, I can assure you 100% that we are fully capable of executing any level of task/project based on the skill required. I am fully confident about our skills and my und Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% USD en 1 jour
(0 Commentaires)
0.0