module
Windows Process Memory Dump
| Disclosed |
|---|
| N/A |
Disclosed
N/A
Description
This module creates a memory dump of a process (to disk) and downloads the file
for offline analysis.
Options for DUMP_TYPE affect the completeness of the dump:
"full" retrieves the entire process address space (all allocated pages);
"standard" excludes image files (e.g. DLLs and EXEs in the address space) as
well as memory mapped files. As a result, this option can be significantly
smaller in size.
for offline analysis.
Options for DUMP_TYPE affect the completeness of the dump:
"full" retrieves the entire process address space (all allocated pages);
"standard" excludes image files (e.g. DLLs and EXEs in the address space) as
well as memory mapped files. As a result, this option can be significantly
smaller in size.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.