Sandia National Laboratories: Virtual Machine Introspection (VMI) Tools and Volatility Support
If you are interested in virtual machine introspection, you may want to check out the LibVMI project, which was recently released as open source by Sandia. LibVMI extends the work done on the XenAccess Project to provide an introspection library for reading and writing memory across multiple virtualization platforms. The current release offers support for VMs running on either Xen or KVM. As an added bonus for the Volatility Community, you should also check out their Volatility address space (tools/pyvmi/pyvmiaddressspace.py). From what I have been told, this should provide similar functionality to Moyix’s pyxa. Shoutz to Bryan and the Sandia team. It’s always great to see other organizations leveraging the power and flexibility of Volatility to perform cutting-edge research, especially when they are able to release it back to the community!