Zhentar
Zhentar
Sometimes, when I'm interested in analyzing a file, the version I currently happen to have on hand won't have public symbols available, while other versions do (e.g. Windows Defender executables)....
I'd like to register a C# script as a right-click context menu entry in Windows Explorer for files or folders. I think you just have to put the right command...
Since the wiki here is some of the best documentation available on this system, I wanted to jot down some things as I figure them out. Hopefully someone can update...
The purpose of this issue is to share some learnings (and some salt about DbgHelp) that I have gained in the past few days furthering ~~my descent into madness~~ my...
I've forked DbgShell and started putting together a basic memory search command (which hopefully I will be able to polish into a reasonable pull request before the ADHD decides otherwise...
I had figured that the inconsistent handling between addresses with only decimal digits was just an unfortunate cost of PowerShell, until I saw the AddressTransformation... so I poked at it...
I wanted to see the PEB for my process. Since the thread namespace includes a Teb, I figured there'd be a matching Peb in the process namespace, but alas, there...
Regular `dps`: ``` > dps 26ee7c30 26ee7c30 2368c010 26ee7c34 13234900 26ee7c38 5f080100 d2d1!CSRGBToLinearTranslator::s_shaders+400f0 26ee7c3c 26db1aa8 26ee7c40 26ee74a8 26ee7c44 26e80020 ``` Awesome recursive dps: ``` 26ee7c30 2368c010 -> 50afffa8 jscript9!Js::JavascriptLibrary::`vftable' 26ee7c34...
I've been trying to get 'where Roslyn tells Disasmo the entrypoint is' to match up with 'where the entry point actually is' with a disappointingly low success rate.... ```cs class...