djhaynes
commented
11 years ago The ASLR information seems to only be available via the PE Header, which means it will be added to the pefile test, instead of the process58_test. (http://msdn.microsoft.com/en-us/magazine/ms809762.aspx)
Details of this request are outlined in the following developer list message: http://making-security-measurable.1364806.n2.nabble.com/Developer-Days-Artifact-Hunting-Slides-tp6463048p6463048.html See slide 11.