add VMIStruct class to automatically resolve fields and structure pointer

Wenzel / pyvmidbg

LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger

GNU General Public License v3.0

217 stars 25 forks source link

Closed Wenzel closed 5 years ago

Wenzel commented 5 years ago

The VMIStruct helper uses $STRUCTS rekall profile dict and implements __getattr__ to automtically resolve a field and read the memory content