Introduction

This is the (new) home of PyBox, a user-level framework for monitoring processes.

PyBox consists of

• a module (PyBox.dll), which is being injected into a target process, carrying a Python interpreter
• an API providing various tools for logging and analysis of activity as well as full manipulation of processes.

This rootkit-like approach allows close monitoring of behavior, thus helping to understand functionality of programs. Wiki Overview

• The PyBox original idea is explained here
• The requirements for setting up your own PyBox are explained here
• Check also out this blog post on the internals of PyBox