h33p / vmread

A library to read/write memory to Windows on KVM

Project maintenance

h33p opened this issue · comments

commented

Hello all,

Some of you may have noticed that version 2004 of W10 is yet to get support; also, the kernel module has effectively been broken by the new kernel version. The changes needed to fix these issues are not big, but right now I'm in a delicate situation.

I have been cowriting a new tool for memory introspection for a couple months already, which would provide everything vmread can do better, and so, so much more, such as ability to work with DMA devices, dump files, and more. As it currently stands, our target is to release it around the end of the summer, and due to most of the effort being put in the new project, a bit of maintenance vacuum has formed.

It is unlikely that I will be able to go and fix 2004 support, and an extra pair of hands would be wonderful for the project. So this is a call for anyone interested in maintaining the project for a while. It would mostly involve just fixing the 2 issues for now, but afterwards, as long as the project stays to its core, I will not intervene regarding the way it was decided to be developed. EOLing it altogether would also be fine after the summer; it's just these 1-3 months that are important.

Thank you for your understanding
-Auri

Hey,

Let me know if there is anything I can help with. Can't help but notice from the screenshots, it looks like this new tool you're working on is written in Rust.

I've been working on something heavily inspired by vmread for a little while, in Rust. (https://github.com/canselcik/libvirtdma)

Pretty much a re-implementation of vmread in Rust with some additional helpers for Windows DMA stuff using vergiliusproject.com as a reference. I am sure your new tool is more advanced and at times more correct with the Windows Kernel structs so let me know if you want to collaborate on that in some way.

I even have Ghidra and IDA bridge plugins I put together real quick (also found in that repo) that can do realtime memory acquisition from the guest, without having to export files and import them into the RE tool.

commented

It is indeed written in Rust! Your project also looks really cool, esp. the RE tool integration. I was going to rewrite vmread in Rust myself, but a friend of mine had already started a similar project from scratch. If you are interested, feel free to join our (quite quickly created) Discord, and talk with ko1N, as I'm taking a weekend off.

commented

This issue will soon become obsolete with the release of memflow, which is set for September 1. Closing.

Very exciting!