procdump Version 10.1
A new version of procdump, the Sysinternals tool to create process dumps, was released.
The new feature I'm interested in is the possibility to add a comment (option -dc).
I often use procdump, also for dynamic malware analysis, so this -dc option will enable me to do something like:
The second new feature is a triage dump (-mt), with an intriguing description:
Removal of sensitive information is attempted but not guaranteed
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com
Keywords: procdump sysinternals
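A dump comment only helps if it can be read back during later triage. The following added example (not part of the original diary, and not Sysinternals code) walks a minidump's stream directory and returns the text of any comment streams. It assumes the string given to -dc is stored in the standard CommentStreamA/CommentStreamW stream types; `build_sample_dump` and its comment text are constructed sample data.

```python
import struct

# Values from the MINIDUMP_STREAM_TYPE enum in the Windows SDK
COMMENT_STREAM_A = 10   # ANSI text
COMMENT_STREAM_W = 11   # UTF-16LE text

def read_dump_comments(data: bytes) -> list[str]:
    """Return the text of every comment stream found in a minidump image."""
    if len(data) < 32:
        raise ValueError("too short for a MINIDUMP_HEADER")
    # MINIDUMP_HEADER starts: Signature, Version, NumberOfStreams, StreamDirectoryRva
    signature, _version, n_streams, dir_rva = struct.unpack_from("<4sIII", data, 0)
    if signature != b"MDMP":
        raise ValueError("not a minidump (bad signature)")
    comments = []
    for i in range(n_streams):
        entry = dir_rva + 12 * i          # each MINIDUMP_DIRECTORY entry is 12 bytes
        if entry + 12 > len(data):
            raise ValueError("stream directory runs past end of file")
        stream_type, size, rva = struct.unpack_from("<III", data, entry)
        if stream_type not in (COMMENT_STREAM_A, COMMENT_STREAM_W):
            continue
        if rva + size > len(data):        # truncated or corrupted dump
            raise ValueError("comment stream runs past end of file")
        raw = data[rva:rva + size]
        if stream_type == COMMENT_STREAM_W:
            text = raw.decode("utf-16-le", errors="replace")
        else:
            text = raw.decode("latin-1")
        comments.append(text.rstrip("\x00"))
    return comments

def build_sample_dump(comment: str) -> bytes:
    """Constructed sample: header, one directory entry, one CommentStreamW."""
    body = (comment + "\x00").encode("utf-16-le")
    header = struct.pack("<4sIIIIIQ", b"MDMP", 0xA793, 1, 32, 0, 0, 0)
    directory = struct.pack("<III", COMMENT_STREAM_W, len(body), 32 + 12)
    return header + directory + body

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                 # path to a real .dmp file
        with open(sys.argv[1], "rb") as f:
            print(read_dump_comments(f.read()))
    else:
        print(read_dump_comments(build_sample_dump("sample.exe, sandbox run 1")))
```

The script reads the whole file into memory, so for full dumps it is better suited to a quick check than to bulk processing.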