Module library_list 

Process shared library enumeration for Linux memory forensics.

Enumerates shared libraries loaded by each process by walking the vm_area_struct VMAs that map .so files. Equivalent to combining Volatility’s linux.proc.Maps with library-specific filtering.

Useful for detecting LD_PRELOAD injected libraries, anomalous .so files mapped from world-writable directories, or unlinked (deleted) shared objects still resident in memory.

Re-exports

pub use crate::heuristics::classify_library;

Structs

SharedLibraryInfo

Information about a shared library mapped into a process’s address space.

Functions

walk_library_list

Walk the VMA list for a single process and enumerate shared libraries.