thalium / Icebox

Licence: mit
Virtual Machine Introspection, Tracing & Debugging

Projects that are alternatives of or similar to Icebox

Asm
Assembly Tutorial for DOS
Stars: ✭ 125 (-70.38%)
Mutual labels:  debugging, virtualization, virtualbox
iopipe-go
Go agent for AWS Lambda metrics, tracing, profiling & analytics
Stars: ✭ 18 (-95.73%)
Mutual labels:  debugging, tracing
Hypervisor
Hypervisor implementation for x86_64 ISA MIT JOS
Stars: ✭ 25 (-94.08%)
Mutual labels:  virtualization, hypervisor
Microverse
macOS virtualization app for M1/Apple Silicon
Stars: ✭ 71 (-83.18%)
Mutual labels:  virtualization, hypervisor
serverless-lumigo-plugin
Serverless monitoring and troubleshooting plugin to easily apply distributed tracing
Stars: ✭ 59 (-86.02%)
Mutual labels:  debugging, tracing
Imm2Virtual
This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.
Stars: ✭ 40 (-90.52%)
Mutual labels:  virtualbox, virtualization
ansible virtualization
Ansible Collection: Virtualization roles
Stars: ✭ 31 (-92.65%)
Mutual labels:  virtualbox, virtualization
Elinux
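Chinese translation project for the Embedded Linux knowledge base (elinux.org); the project's founder has released the video course "360° Analysis of Linux ELF", subscriptions welcome: https://www.cctalk.com/m/group/88089283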
Stars: ✭ 193 (-54.27%)
Mutual labels:  tracing, debugging
M7M01 MuEukaron
A capability-based microkernel general-purpose operating system focusing on scalability, predictability, mixed-criticality and recoverability. THIS PROJECT IS IN PREVIEW STATE CURRENTLY
Stars: ✭ 79 (-81.28%)
Mutual labels:  virtualization, hypervisor
vzvol
vzvol is a general use ZFS zvol management tool, that handles creation, destruction, listing, and formatting with various FSes, in an easy to use single program
Stars: ✭ 27 (-93.6%)
Mutual labels:  virtualbox, virtualization
Kubernetes Under The Hood
This tutorial is for someone planning to install a Kubernetes cluster who wants to understand how everything fits together.
Stars: ✭ 279 (-33.89%)
Mutual labels:  virtualization, virtualbox
haaukins
A Highly Accessible and Automated Virtualization Platform for Security Education
Stars: ✭ 148 (-64.93%)
Mutual labels:  virtualbox, virtualization
Postmortem
A simple debug library for Clojure(Script) that features data-oriented logging and tracing
Stars: ✭ 143 (-66.11%)
Mutual labels:  debugging, tracing
uvmm
Virtual machine monitor for L4Re
Stars: ✭ 22 (-94.79%)
Mutual labels:  virtualization, hypervisor
iopipe-js
Build and run serverless apps with confidence on AWS Lambda with Tracing, Profiling, Metrics, Monitoring, and more.
Stars: ✭ 33 (-92.18%)
Mutual labels:  debugging, tracing
elixir-fire-brigade-workshop
Workshop "Join the Elixir Fire Brigade - Level-up Your Elixir Debugging Skills" (ElixirConf US 2017)
Stars: ✭ 14 (-96.68%)
Mutual labels:  debugging, tracing
Learn Kvm
Qemu KVM (Kernel Virtual Machine) study notes
Stars: ✭ 305 (-27.73%)
Mutual labels:  virtualization, hypervisor
Rexbug
A thin Elixir wrapper for the redbug Erlang tracing debugger.
Stars: ✭ 126 (-70.14%)
Mutual labels:  tracing, debugging
Redbug
erlang tracing debugger
Stars: ✭ 159 (-62.32%)
Mutual labels:  tracing, debugging
Project-Mendacius
A GUI based virtualisation tool for running Linux on macOS Big Sur (x86 or arm64)
Stars: ✭ 107 (-74.64%)
Mutual labels:  virtualbox, virtualization

IceBox

Icebox is a Virtual Machine Introspection solution that enables you to stealthily trace and debug any process (kernel or user). It's based on project Winbagility.

Project Organisation

  • fdp: Fast Debugging Protocol sources
  • icebox: Icebox sources
    • icebox: Icebox lib (core, os helpers, plugins...)
    • icebox_cmd: Program that tests several features
    • samples: Bunch of examples
  • winbagility: stub to connect WinDBG to FDP
  • virtualbox: VirtualBox sources patched for FDP.

Getting Started

A full getting-started guide was written here.

Otherwise, check our samples folder. You can build these samples with these instructions after you have installed the requirements.

If you're using a Windows guest you might want to set the environment variable _NT_SYMBOL_PATH to a folder that contains your guest's pdb. Please note that icebox setup will fail if it does not find your guest's kernel's pdb.

vm_resume:
vm_resume just pauses then resumes your VM.

cd icebox/bin/$ARCH/
./vm_resume <vm_name>

nt_writefile:
nt_writefile breaks when a process calls ntdll!NtWriteFile, and dumps what's written in a file on your host in the current directory.

cd icebox/bin/$ARCH/
./nt_writefile <vm_name> <process_name>

heapsan:
heapsan breaks on ntdll memory allocations from a process and adds padding before & after every pointer. It is still incomplete and doesn't do any checks yet.

cd icebox/bin/$ARCH/
./heapsan <vm_name> <process_name>

wireshark:
wireshark breaks when the NDIS driver reads or sends network packets and creates a Wireshark trace (.pcapng). Each packet sent is associated with a call stack from kernel land to userland if necessary.

cd icebox/bin/$ARCH/
./wireshark <name> <path_to_capture_file>