IntroVirt, short for introspective virtualization, is a customized hypervisor and library that provides a robust virtual machine introspection (VMI) application programming interface (API). VMI is the process of looking at the memory contents of a virtual machine (VM) during runtime. By applying knowledge of the guest operating system, introspection can be used for a variety of applications, including reverse engineering, debugging software and securing guest VMs by limiting access to files or limiting an executing application’s functionality.

IntroVirt consists of three components: a patched version of the KVM hypervisor, the IntroVirt userland library and a Microsoft Program Database (MS PDB) parsing library.

Proven Application Areas:

  • Cyber asset protection
  • Malware analysis
  • Reverse engineering
  • Dynamic application analysis
  • Dynamic forensic analysis
  • Cyber Deception
  • Training & simulation
  • Experimentation & instrumentation
  • Cloud security

Advantage: IntroVirt

  • Collect and analyze non-invasively, without guest cooperation
  • Enable and disable event interception—context-based, with low overhead
  • Enforce policy, manipulate the environment and terminate a process
  • Examine core Windows® data structures
  • Trace Windows® system calls, system call returns and arguments

Get started with IntroVirt by installing the latest release from our GitHub repository. Whether you’re looking to build tools for reverse engineering, malware analysis or advanced anti-malware, IntroVirt has you covered. Check out usage examples and explore its full potential. Have questions? Let us know if you run into any issues.

Contact Us Today

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound