Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -84,9 +84,9 @@ Returns the process environment block (PEB) of a process. Disassembles a raw MSIL byte array passed in from a MethodInfo object in a manner similar to that of Ildasm. -#### `Get-KernelModuleInfo` +#### `Get-NtSystemInformation` -Returns loaded kernel module information. +A utility that calls and parses the output of the ntdll!NtQuerySystemInformation function. This utility can be used to query internal OS information that is typically not made visible to a user. #### `Get-StructFromMemory` @@ -100,6 +100,10 @@ A proxy function used to extend the built-in Get-Member cmdlet. It adds the '-Pr Dumps strings from files in both Unicode and Ascii. This cmdlet replicates the functionality of strings.exe from Sysinternals. +#### `ConvertTo-String` + +Converts the bytes of a file to a string that has a 1-to-1 mapping back to the file's original bytes. ConvertTo-String is useful for performing binary regular expressions. + #### `Get-MethodAddress` Get the unmanaged function address of a .NET method. |
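Review bot: In the first hunk (README.md, line 84 onward), the new text under `Get-NtSystemInformation` drops "Returns loaded kernel module information." without saying whether the renamed function still covers that case, so a reader searching for the removed `Get-KernelModuleInfo` heading has no pointer to its replacement. If it does replace it, say so in one sentence. Also list the kinds of system information the function can return, because "internal OS information that is typically not made visible to a user" does not tell the reader what output to expect.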
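Review bot: In the second hunk (README.md, line 100 onward), the added `ConvertTo-String` entry promises "a 1-to-1 mapping back to the file's original bytes" but names neither the encoding that provides that property nor how to recover the bytes, and "binary regular expressions" is left undefined. Suggest naming the encoding, stating the expected input (a file path, per "the bytes of a file"), and adding a short usage line that shows a byte pattern matched against the returned string.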