Kali
CSIRT-Collect is a PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission requirements for said directory will be dependent on the nuances of …
Continue reading “CSIRT-Collect : PowerShell Script To Collect Memory And (Triage) Disk Forensics”
CSIRT-Collect is a PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission requirements for said directory will be dependent on the nuances of …
Continue reading “CSIRT-Collect : PowerShell Script To Collect Memory And (Triage) Disk Forensics”
Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do the injection. The library comes with tools not …
Continue reading “Memory Mapper : Map Both Native & Managed Assemblies Into Memory”
Blackbone is a tool used to hack windows memory library. Blackbone is licensed under the MIT License. Features Of Blackbone Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Also Read BLEAH – A BLE Scanner For SMART Devices Hacking Process modules Enumerate …
Continue reading “Blackbone – Memory Hacking Library For Windows”
