I hereby claim:
- I am scuzz3y on github.
- I am scuzz3y (https://keybase.io/scuzz3y) on keybase.
- I have a public key ASAevgmqnmdG7cY0Bu94p23mOqz8vmdyJwJiojz2Gy-8lgo
To claim this, I am signing this object:
Scuzz3y
/ keybase.md
Created
December 19, 2019 14:04
Scuzz3y
/ Get-InjectedThread.ps1
Created
March 15, 2018 00:44
— forked from jaredcatkinson/Get-InjectedThread.ps1
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |