Hacking Tools p

Published on December 19th, 2016 | 1,552 views Post Views

PowerShellArsenal – PowerShell For Reverse Engineering

PowerShellArsenal is basically PowerShell for reverse engineering in a module format. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyse/scrape memory, parse file formats and memory structures, obtain internal system information, etc.

PowerShellArsenal is comprised of the following tools:

Disassembly – Disassemble native and managed code.
MalwareAnalysis – Useful tools when performing malware analysis.
MemoryTools – Inspect and analyze process memory.
Parsers – Parse file formats and in-memory structures.
WindowsInternals – Obtain and analyze low-level Windows OS information.
Misc – Miscellaneous helper functions.
Lib – Libraries required by some of the RE functions.

 

Usage

To install this module, drop the entire PowerShellArsenal folder into one of your module directories. The default PowerShell module paths are listed in the $Env:PSModulePathenvironment variable.

To use the module, type:

To see the commands imported, type:

For help on each individual command, Get-Help is your friend.

You can download PowerShellArsenal here:

PowerShellArsenal-master.zip

Or read more here.

Share on Facebook0Share on Google+0Tweet about this on TwitterShare on Reddit0Email this to someonePrint this pageShare on StumbleUpon0Digg thisPin on Pinterest0Share on LinkedIn0












Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑

You Might Also Like:
UK Government will spend £1.9bn on Cyber Security

Despite spending around 1 billion pounds on its cyber security capabilities the UK government and GCHQ still feel vulnerable from...

Close