This is cs-analyze-processdump.py, my tool to analyze Cobalt Strike beacon process dumps, detecting and decoding sleep mode encoding.
cs-analyze-processdump_V0_0_2.zip (https)MD5: 699C184AA60F741B6DD7CB8C05E12448
SHA256: 5E6C121783C9BC1A392AA4FEFD77D66709B0C8FB2F3E568D8538C6CD81C7B315
[…] New tool: cs-analyze-processdump.py […]
Pingback by Week 48 – 2021 – This Week In 4n6 — Sunday 28 November 2021 @ 6:49