Rapid7 Vulnerability & Exploit Database

Windows Gather Process Memory Grep

Back to Search

Windows Gather Process Memory Grep



This module allows for searching the memory space of a process for potentially sensitive data. Please note: When the HEAP option is enabled, the module will have to migrate to the process you are grepping, and will not migrate back automatically. This means that if the user terminates the application after using this module, you may lose your session.


  • bannedit <bannedit@metasploit.com>




Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security