ITh4cker / MemoryPatchDetector

Detects code differences between executables on disk and the corresponding processes/modules in memory.


Memory Patch Detector

Detects code differences between executables on disk and the corresponding processes/modules in memory.

Requirements

# ctypes is part of the Python standard library and needs no pip install
pip install winappdbg
pip install pywin32
pip install pypiwin32
pip install pefile
pip install capstone

Usage

python windows_memory_patches.py

Notes

The script needs Administrator/SYSTEM privileges to analyze every process in memory.
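
The disk-versus-memory comparison described above, as an added example that is not taken from windows_memory_patches.py: it parses the PE section table with `struct` only and reports each byte run in an executable section that differs between the file and a memory image. The helper names, the sample image and the patched bytes are constructed for illustration, and loader-applied relocations and import fixups are not modeled.

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000
SECTION_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes

def exec_sections(pe):
    """Yield (name, rva, raw_offset, size) for each executable section."""
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    count, = struct.unpack_from("<H", pe, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", pe, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    for i in range(count):
        hdr = struct.unpack_from(SECTION_FMT, pe, table + 40 * i)
        name, vsize, rva, rsize, raw, flags = *hdr[:5], hdr[9]
        if flags & IMAGE_SCN_MEM_EXECUTE:
            yield name.rstrip(b"\0").decode(), rva, raw, min(vsize, rsize) or rsize

def find_patches(disk, memory):
    """Return (section, rva, disk_bytes, memory_bytes) for each modified run."""
    patches = []
    for name, rva, raw, size in exec_sections(disk):
        on_disk, in_mem = disk[raw:raw + size], bytes(memory[rva:rva + size])
        start = None
        for i in range(size + 1):  # one extra step closes a run at the section end
            differs = i < size and on_disk[i:i + 1] != in_mem[i:i + 1]
            if differs and start is None:
                start = i
            elif not differs and start is not None:
                patches.append((name, rva + start, on_disk[start:i], in_mem[start:i]))
                start = None
    return patches

def build_sample_pe(code, rva=0x1000, raw=0x200):
    """Constructed minimal image: DOS stub, COFF header, one .text section."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = struct.pack(SECTION_FMT, b".text", len(code), rva, len(code), raw,
                       0, 0, 0, 0, 0x60000020)
    headers = dos + coff + sect
    return headers + b"\0" * (raw - len(headers)) + code

def demo():
    disk = build_sample_pe(bytes.fromhex("558bec33c05dc3") + b"\xcc" * 9)
    memory = bytearray(0x2000)            # constructed stand-in for process memory
    memory[0x1000:0x1010] = disk[0x200:0x210]
    memory[0x1003:0x1005] = b"\x90\x90"   # constructed in-memory modification
    return find_patches(disk, memory)

if __name__ == "__main__":
    for name, rva, old, new in demo():
        print(f"{name} +{rva:#x}: disk={old.hex()} memory={new.hex()}")
```

Against a live process, a module loaded away from its preferred base will show differences wherever the loader applied relocations, so those ranges have to be excluded or re-applied to the disk copy before a reported run is treated as a patch.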


License: MIT License


Languages

Language: Python 100.0%