ProcTool

proctool is a proof-of-concept tool implementing "Artifact Tracing via I/O Monitoring".

To know more about it check out the presentation and the demo.

Prerequisites

Nix

Installation

$ nix-shell
$ make install

Testing

$ nix-shell
$ make test

Caveats

Current implementation is based on strace. A high performance hit is expected.
openat and execve are the only supported syscalls.
No children of the surveilled process will be monitored after the dead of its parent.

Name		Name	Last commit message	Last commit date
Latest commit History 88 Commits
bin		bin
demo		demo
src		src
tests		tests
.envrc		.envrc
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
ProcTool_Artifact_Tracing_via_Process_IO_Monitoring.pptx		ProcTool_Artifact_Tracing_via_Process_IO_Monitoring.pptx
README.md		README.md
blob2go.py		blob2go.py
go.mod		go.mod
go.sum		go.sum
main.go		main.go
shell.nix		shell.nix

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

ProcTool

Prerequisites

Installation

Testing

Caveats

About

Uh oh!

Releases

Packages

Contributors 2

Uh oh!

Languages

License

BBVA/proctool

Folders and files

Latest commit

History

Repository files navigation

ProcTool

Prerequisites

Installation

Testing

Caveats

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Uh oh!

Languages

Packages