I am currently working on parsing the output of Drakvuf (as part of the Drakvuf Sandbox), and I think it would be very useful if the syscall arguments would be returned in the same manner as the apimon plugin does, i.e., within a dict referenced by an "Arguments" key. For example
This would make modeling syscall entries using libraries such as Pydantic and msgpack much easier and more efficient, and would make integration with other tools (such as capa, which is what I am integrating Drakvuf with currently) much easier.
If the devs agree to this, I can also try to implement this suggestion myself.
Thanks!
yelhamer changed the title from 'Consider returning syscall arguments inside a dictionary referenced by an "Arguments" key (similar to apimon plugin.' to 'Consider returning syscall arguments inside a dictionary referenced by an "Arguments" key (similar to apimon plugin)' on Jun 13, 2024