memflow-win32

This crate provides integration for win32 targets for memflow. This library can be used in addition to the memflow core itself read processes, modules, drivers, etc.

Example initializing a win32 target:

use std::fs::File;
use std::io::Write;

use log::{error, Level};

use memflow::connector::*;
use memflow_win32::win32::{Kernel, Win32OffsetFile};

pub fn main() {
    let connector_name = std::env::args().nth(1).unwrap();
    let connector_args = std::env::args().nth(2).unwrap_or_default();

    // create inventory + connector
    let inventory = unsafe { ConnectorInventory::try_new() }.unwrap();
    let connector = unsafe {
        inventory.create_connector(
            &connector_name,
            &ConnectorArgs::parse(&connector_args).unwrap(),
        )
    }
    .unwrap();

    // initialize kernel
    let kernel = Kernel::builder(connector)
        .build_default_caches()
        .build()
        .unwrap();

    println!("{:?}", kernel);
}

Additional examples can be found in the examples subdirectory.