The Kernel Module data contains all attributes about a Linux kernel module that was flagged by Sandfly Security or a user defined sandfly for whatever reason.
{
"name": "",
"memory_size": 0,
"instance_count": 0,
"state": "",
"memory_offset": "",
"taints": null,
"taints_list": "",
"kernel_taint_missing": false,
"hidden": false,
"missing_file": false,
"dependencies": null,
"module_file_path": "",
"file": {
"date": {
"created": "",
"created_minutes": 0,
"modified": "",
"modified_minutes": 0,
"accessed": "",
"accessed_minutes": 0
},
"inode": 0,
"device": 0,
"rdevice": 0,
"nlink": 0,
"mode": "",
"uid": 0,
"username": "",
"gid": 0,
"groupname": "",
"size": 0,
"size_byte_count": 0,
"size_mismatch": false,
"blksize": 0,
"blocks": 0,
"path": "",
"path_root": "",
"path_link": "",
"name": "",
"extension": "",
"flags": {
"directory": false,
"regular": false,
"link": false,
"suid": false,
"suid_root": false,
"sgid": false,
"sgid_root": false,
"socket": false,
"device": false,
"char_device": false,
"named_pipe": false,
"sticky": false,
"immutable": false,
"hidden": false,
"deleted": false
},
"entropy": 0,
"hash": {
"md5": "",
"sha1": "",
"sha256": "",
"sha512": ""
},
"magic_num": {
"hex": "",
"text": "",
"type": "",
"class": "",
"expected_extensions": null
},
"data": null
}
} | Previous Article: | Next Article: |  |