Description
Is your feature request related to a problem? Please describe.
Do exactly what it does on Linux, but for Windows: Passively monitor system events and detect signatures of memory-based probes/attacks.
Describe the solution you'd like
Too early to have an idea. The solution needs to be low-cognitive load, simple, and obvious. It should have as few "clever" things as possible.
Additional context
The port would be completely in line with the current repo, by proper interfaces/facades that separate OS-specific functionality. It is not clear if such a feat is possible or useful. All of the monitoring code is Linux-specific. All analytics code is also very Linux-specific.
Making it portable may end up making it stringly-typed, and Turing-complete - which is not a good thing.
Best path forward may be to prototype it and then refactor it to find places of abstraction.