Vulnerability & Exploit Database

Back to search

Windows Gather Process Memory Grep

This module allows for searching the memory space of a process for potentially sensitive data. Please note: When the HEAP option is enabled, the module will have to migrate to the process you are grepping, and will not migrate back automatically. This means that if the user terminates the application after using this module, you may lose your session.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • bannedit <bannedit [at]>


  • windows



Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use post/windows/gather/memory_grep msf post(memory_grep) > sessions ...sessions... msf post(memory_grep) > set SESSION <session-id> msf post(memory_grep) > show options and set options... msf post(memory_grep) > run