Contributor
Prajwal S N

Forensic analysis of container checkpoints


Mentors
Adrian Reber, Radostin Stoyanov
Organization
CRIU
Technologies
python, linux, go, golang, docker, kubernetes, protobuf
Topics
security, cli, container, Checkpoint/Restore, forensic analysis
The crit library in go-criu was created during GSoC 2022 to enable analysis of CRIU images with tools written in Go. It allows container management tools such as checkpointctl and Podman to provide capabilities similar to CRIT. The goal of this project is to extend this library with functionality for forensic analysis of container checkpoints to provide a better user experience. To effectively utilise this new feature, the checkpointctl CLI tool would also be extended to display information about the processes included in a container checkpoint and their runtime state (e.g. memory state, open files, sockets, etc).