Detection of runtime modifications in RWX memory regions

Copy from limitation docs: when memory regions have both write and execute permissions at the same time, the tracer cannot detect runtime memory modifications since it only monitors syscall-level operations for now.

1. mmap(PROT_READ | PROT_WRITE | PROT_EXEC)
2. write bytes inside the region
3. currently undetectable...