
injdmp: dumping injected processes and dumping process memory that is marked as RWX

This is awesome.

http://hooked-on-mnemonics.blogspot.com/p/injdmp.html

injdmp is a tool for dumping injected processes and dumping process memory that is marked as RWX. The tool can detect most malware that uses process injection. As of this writing it can dump processes related to Zeus/Citadel, Cridex, Ramnit, Poison Ivy and a number of other families of malware.
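The heuristic the description relies on, committed memory that is both writable and executable yet not backed by a loaded module, is easy to reproduce for triage. The following is an added example and not injdmp's own code: it classifies a constructed snapshot of regions shaped like the output of VirtualQueryEx (with the first bytes of each region as ReadProcessMemory would return them) and flags the RWX private regions a dumper would write to disk.

```python
from dataclasses import dataclass

# Win32 memory constants (winnt.h)
PAGE_EXECUTE_READWRITE = 0x40
PAGE_EXECUTE_WRITECOPY = 0x80
PAGE_GUARD = 0x100           # modifier bits; masked off before comparing
PAGE_NOCACHE = 0x200
PAGE_WRITECOMBINE = 0x400
MEM_COMMIT = 0x1000
MEM_PRIVATE = 0x20000
MEM_IMAGE = 0x1000000

@dataclass
class Region:
    base: int
    size: int
    state: int
    protect: int
    type: int
    head: bytes   # first bytes of the region, as read with ReadProcessMemory

def base_protection(protect):
    # Strip PAGE_GUARD and friends so a guarded RWX page is still seen as RWX.
    return protect & ~(PAGE_GUARD | PAGE_NOCACHE | PAGE_WRITECOMBINE)

def is_rwx(region):
    return base_protection(region.protect) in (PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY)

def classify(region):
    """Return a label for regions worth dumping, or None for benign ones."""
    if region.state != MEM_COMMIT or not is_rwx(region):
        return None
    if region.type == MEM_IMAGE:
        return "rwx-image"      # writable+executable section of a real module: odd, lower priority
    # Private RWX memory: an in-memory PE (MZ header) or raw code/unpacked data.
    return "injected-pe" if region.head[:2] == b"MZ" else "shellcode-or-unpacked"

def triage(regions):
    return [(hex(r.base), label) for r in regions if (label := classify(r))]

# Constructed sample snapshot (not taken from a real process)
SAMPLE = [
    Region(0x00400000, 0x1000, MEM_COMMIT, 0x02, MEM_IMAGE, b"MZ\x90\x00"),      # PE header, PAGE_READONLY
    Region(0x00401000, 0x5000, MEM_COMMIT, 0x20, MEM_IMAGE, b"\x55\x8b\xec"),    # .text, PAGE_EXECUTE_READ
    Region(0x00200000, 0x10000, MEM_COMMIT, PAGE_EXECUTE_READWRITE, MEM_PRIVATE, b"MZ\x90\x00"),
    Region(0x00300000, 0x1000, MEM_COMMIT, PAGE_EXECUTE_READWRITE | PAGE_GUARD, MEM_PRIVATE, b"\x90\x90\x90"),
    Region(0x00500000, 0x1000, MEM_COMMIT, 0x04, MEM_PRIVATE, b"\x00\x00"),      # heap, PAGE_READWRITE
]

if __name__ == "__main__":
    for base, label in triage(SAMPLE):
        print(base, label)   # 0x200000 injected-pe / 0x300000 shellcode-or-unpacked
```

On a live Windows system the SAMPLE list would be built by walking VirtualQueryEx over the target process; the classification logic stays the same.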

Categories: Disassembly, Tech, Windows