Fig 5 - uploaded by Mohamed Alshehri
Source publication
This paper compares different open-source tools available to determine which one is the most efficient in different business situations in terms of comprehensive detection, steps for configuration, and utilities for relaying discoveries. These tools include Memhunter, Volatility, and Sysmon.
Context in source publication
Context 1
... allows the library to reflectively load itself using a PE loader that allows it to minimize interactions with the host system and process, as well as determine interactions with the host [19]. The injection command is shown in Figure 2, with the resulting thread created in Figure 5. ...