Retrieves the memory map per process in the target Linux system.: Ability to compare with known good. Identify mapped regions corresponding with or containing injected code.
Query:
select * from process_memory_map;Additional Query Info:
Version: 1.4.5
Platform: linux
Interval: 86400
JSON:
{ "queries": { "process_memory": { "query" : "select * from process_memory_map;", "interval" : "86400", "platform" : "linux", "version": "1.4.5", "description" : "Retrieves the memory map per process in the target Linux system.", "value" : "Ability to compare with known good. Identify mapped regions corresponding with or containing injected code." } } }