-
```
What steps will reproduce the problem?
1. Simple HTTP fuzzer against local XP target
2. procmon detects access violation on a test case
3. sessions.py references a null variable, crashes
What is …
```
-
All tools I have seen so far miss managed methods. ProcmonV2 does display empty lines, ProcmonV1 does not support stacks at all, but TraceEvent has support for managed stacks.
Nice tool but the se…
-
We do need some material to compare how far we are currently with the ProcDOT integration. This could be basically achieved by dropping a few samples into a VM monitored by procmon, generating graphs …
-
```
$ make
Scanning dependencies of target clang_frontend
[ 0%] Building CXX object src/cc/frontends/clang/CMakeFiles/clang_frontend.dir/loader.cc.o
[ 0%] Building CXX object src/cc/frontends/…
```
-
**Describe the bug**
When you open PDF files from the internet, they just don't load.
It is worth noting that not all PDF files fail to load; in fact, some do load fine.
For example:
failed to …
-
I think a file access monitor is a very useful feature; could you please consider adding it?
xioxu updated
10 months ago
-
I came across the WowUp Curseforge cookie database by chance. It seemed strange to me that the file was so large. Actually, the application should only contain cookies that WowUp needs to run properly…
-
I'm testing some adversary emulation on Caldera and I'm using Sandcat as the agent to deploy operations. I have this ability with just an executable called Backstab and it runs fine both locally and w…
-
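I suggest adding a Procmon-style boot logging feature; it is very useful for analyzing malware that runs during boot.
The implementation is as follows:
1. Through the GUI, set the driver service to start automatically and write the driver configuration (which data to capture, whether to stop automatically after capturing for a given time or size or to stop manually, and where to save the log);
2. After the system restarts, the driver starts capturing data according to the configuration and writes the log file to the specified directory (procmon defaults to the Windows directory, with the file extension pmb);
3. When the GUI program is run again, it checks whether it is b…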