v0.2.8

@hasherezade hasherezade released this 12 Jul 23:27
· 852 commits to master since this release

FEATURE

  • Detailed info about a single parameter can be requested by: /<parameter> ?
  • New modes in the /data parameter
  • New parameter /dnet, which enables treating .NET modules differently from native ones
  • Report about PE implants and shellcode implants separately
  • Added information to the report: process bitness, and whether the process is managed (vs native)
  • Minor changes in the API: PEsieve_version implemented as a constant
  • Allow partial scanning of 64-bit processes by a 32-bit scanner

BUGFIX

  • If the parameter /refl is chosen, the process reflection should be used for both scan and dump
  • Fixed switching back to the original console color after printing in color (improved look on the PowerShell console)
  • Fixed recognizing whether a PE in memory is in raw or virtual mode (it was giving invalid results for some payloads)
  • Fixed broken parameter /mfilter

REFACT

  • Refactored parsing of the parameters
  • Internal refactoring and cleanup of the scanner