Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Educational, CTF-styled labs for individuals interested in Memory Forensics
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.