- 
                Notifications
    You must be signed in to change notification settings 
- Fork 464
Home
        hasherezade edited this page Feb 24, 2024 
        ·
        53 revisions
      
    Start by reading the FAQ - Frequently Asked Questions
- FAQ
- How to build
- Default features
- 
Additional features
- Detect shellcodes by (hardcoded) patterns (/shellc)
- Detect shellcode by custom patterns (/pattern)
- Detect shellcode by scanning threads' callstack (/threads)
- Detect obfuscated/encrypted areas (/obfusc)
- Change dump mode (/dmode)
- Import table reconstruction (/imp)
- Scan non executable memory (/data)
- Create a MiniDump of the full process (/minidmp)
- Ignore modules (/mignore)
- Detect IAT Hooks (/iat)
- Create a process reflection before the full scan (/refl)
 
- Detect shellcodes by (hardcoded) patterns (
- API
- Docs 📚
- Videos 🎬
- References