Commit 478a5d57 authored by Felix Bilstein

.

parent c23dd1a1
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
|_| |_|
``` ```
This project is useful if you want to dump very easy and fast some processes and their Virtual Process Memory This project is useful if you want to dump very easy and fast some processes and their Virtual Process Memory.
Good for reversing software/malware, but if you want to do serious business you may want to stick with Rekall-Framework. Good for reversing software/malware, but if you want to do serious business you may want to stick with Rekall-Framework.
Created was the project as a part of the Bachelor studies at the University in Bonn, Germany. Created was the project as a part of the Bachelor studies at the University in Bonn, Germany.
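Review bot: the changed line still reads "dump very easy and fast some processes" after the edit, so adding the trailing period leaves the actual wording problem in place. Consider rewording it along the lines of "dump processes and their virtual process memory quickly and easily", and fixing the inverted word order in the context line "Created was the project as a part of ..." in the same pass. The commit message "." also gives no hint of what was changed or why; a short description such as "README: fix punctuation" would make the history searchable.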
...@@ -23,4 +23,4 @@ Some code fragments (marked in the source) are from Daniel Plohmann, who was lea ...@@ -23,4 +23,4 @@ Some code fragments (marked in the source) are from Daniel Plohmann, who was lea
- InfoPE.py is a generally PE-File Reading Tool - InfoPE.py is a generally PE-File Reading Tool
- dump.py is used for dumping processes - dump.py is used for dumping processes
- FixPE.py is able to overwrite the section table. - FixPE.py is able to overwrite the section table.
Useful for working with IDA Pro or others. Remapping the binary file would cause confusion to the tools. Useful for working with IDA Pro or others. No remapping of the binary file could lead to confusion of those tools.
\ No newline at end of file \ No newline at end of file
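Review bot: the reworded FixPE.py line reverses the claim of the old one and is ambiguous as written. The old text said remapping the binary would confuse the tools. The new "No remapping of the binary file could lead to confusion of those tools" can be read either as "not remapping could confuse them" or as "there is no remapping that could confuse them". Since this sentence is the only explanation of why the section table is overwritten, state the intended direction explicitly, for example "Without remapping, tools such as IDA Pro may misinterpret the dumped file", if that is the meaning. A documentation change that flips the meaning deserves a commit message saying so rather than ".". The README also still ends without a trailing newline, which could be fixed here.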