Added Get-StructFromMemory

Marshals data from an unmanaged block of memory in an arbitrary process to a newly allocated managed object of the specified type. In other words, it will parse and return a structure at a known memory address in any process.
author: bitform <matt@exploit-monday.com> 2013-01-02 20:48:10 -0500
committer: bitform <matt@exploit-monday.com> 2013-01-02 20:48:10 -0500
commit: 7734cb5b347a3befe866308fe20df39c0398f47f (patch)
tree: e0e484d0717d01f181b154c55be2d8e331877154 /README
parent: d2d6ee1409f5b31de8aa7d44598baacb115a3214 (diff)
download: PowerSploit-7734cb5b347a3befe866308fe20df39c0398f47f.tar.gz
PowerSploit-7734cb5b347a3befe866308fe20df39c0398f47f.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/README b/README
index 202358d..8eb8269 100644
--- a/README
+++ b/README
@@ -64,6 +64,10 @@ Get-KernelModuleInfo:
 
    Returns loaded kernel module information.
 
+Get-StructFromMemory.ps1:
+
+   Marshals data from an unmanaged block of memory in an arbitrary process to a newly allocated managed object of the specified type.
+
 Get-Member:
 
    A proxy function used to extend the built-in Get-Member cmdlet. It adds the '-Private' parameter allowing you to display non-public .NET members
author	bitform <matt@exploit-monday.com>	2013-01-02 20:48:10 -0500
committer	bitform <matt@exploit-monday.com>	2013-01-02 20:48:10 -0500
commit	7734cb5b347a3befe866308fe20df39c0398f47f (patch)
tree	e0e484d0717d01f181b154c55be2d8e331877154 /README
parent	d2d6ee1409f5b31de8aa7d44598baacb115a3214 (diff)
download	PowerSploit-7734cb5b347a3befe866308fe20df39c0398f47f.tar.gz PowerSploit-7734cb5b347a3befe866308fe20df39c0398f47f.zip