Michał Leszczyński
Michał Leszczyński
In some use cases, it is required to open the card in "exclusive" mode, especially if some stateful operations are involved. If the card is not opened in the exclusive...
Parse PCAP and display some small network summary in the web UI (e.g. list of TCP connections, DNS/HTTP requests etc)
Reactivate PR https://github.com/CERT-Polska/drakvuf-sandbox/pull/347
We might introduce an option which would cause drakrun to create a ramdisk on startup and copy `/var/lib/drakrun/volumes/snapshot.sav` to the ramdisk location, so to load the mem snapshots from this...
Right now we could end up in `syscall.log` being produced having ~500 MB of data for some analyses. This is JSON-text which could be gzipped to about 26 MB. I...
Depends on #10. Visualize DRAKVUF logs in the web UI in order to make them more discoverable. For each process separately, we would like to show (at least): * [...
We should setup a custom simple package repository to make distribution and installation easier.
Depends on #16. The comparison will allow to identify how accurate is the integration right now.
We do need some material to compare how far we are currently with the ProcDOT integration. This could be basically achieved by dropping a few samples into a VM monitored...