Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Updated Nov 6, 2024 - C++
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and disassembles hooks, shellcode, memory regions, modules and processes.
Analyze a TSV file to find ID with highest consumption between start time and end time