ddinjector

package
v0.0.0-...-bfe00b6 Latest
Warning

This package is not in the latest version of its module.

Published: May 2, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Rendered for windows/amd64

Overview

Package ddinjector provides an interface to the Windows ddinjector driver.

Constants

const DDInjectorCounterRequestSize = C.sizeof_struct__COUNTER_REQUEST
const DDInjectorCountersV1Size = C.sizeof_struct__DRIVER_COUNTERS_V1
const (
	GetCountersIOCTL = uint32(C.IOCTL_GET_COUNTERS)
)

Variables

This section is empty.

Functions

func OverrideOpenDriverHandle

func OverrideOpenDriverHandle(fn openDriverHandleType)

OverrideOpenDriverHandle replaces opening the ddinjector driver with a mock implementation.

func OverrideQueryDriverCounters

func OverrideQueryDriverCounters(fn queryDriverCountersType)

OverrideQueryDriverCounters replaces the device call to query counters with a mock implementation.

Types

type DDInjectorCounterRequest

type DDInjectorCounterRequest C.struct__COUNTER_REQUEST

type DDInjectorCountersV1

type DDInjectorCountersV1 C.struct__DRIVER_COUNTERS_V1

type Injector

type Injector struct {
	// contains filtered or unexported fields
}

Injector represents an open handle to the ddinjector driver.

func NewInjector

func NewInjector() (*Injector, error)

NewInjector opens a handle to ddinjector to allow subsequent queries.

func (*Injector) Close

func (inj *Injector) Close() error

Close closes the handle to ddinjector.

func (*Injector) GetCounters

func (inj *Injector) GetCounters(counters *InjectorCounters) error

GetCounters queries the current ddinjector counters.

type InjectorCounters

type InjectorCounters struct {
	// v1 fields
	ProcessesAddedToInjectionTracker     telemetry.SimpleGauge
	ProcessesRemovedFromInjectionTracker telemetry.SimpleGauge
	ProcessesSkippedSubsystem            telemetry.SimpleGauge
	ProcessesSkippedContainer            telemetry.SimpleGauge
	ProcessesSkippedProtected            telemetry.SimpleGauge
	ProcessesSkippedSystem               telemetry.SimpleGauge
	ProcessesSkippedExcluded             telemetry.SimpleGauge
	InjectionAttempts                    telemetry.SimpleGauge
	InjectionAttemptFailures             telemetry.SimpleGauge
	InjectionMaxTimeUs                   telemetry.SimpleGauge
	InjectionSuccesses                   telemetry.SimpleGauge
	InjectionFailures                    telemetry.SimpleGauge
	PeCachingFailures                    telemetry.SimpleGauge
	ImportDirectoryRestorationFailures   telemetry.SimpleGauge
	PeMemoryAllocationFailures           telemetry.SimpleGauge
	PeInjectionContextAllocated          telemetry.SimpleGauge
	PeInjectionContextCleanedup          telemetry.SimpleGauge
}

InjectorCounters encapsulates ddinjector counters to be reported upstream.
