Enumerate modules with CreateToolhelp32Snapshot.
This is a writeup for picoCTF 2019 mus1c, which uses the Rockstar programming language.
I use CyberChef daily for malware analysis, programming, and CTF challenges. Installing CyberChef locally can be handy for general privacy and OPSEC reasons. A local installation also works without internet connectivity. The main drawback of using CyberChef locally is that sharing recipes and data you have decoded with your teammates isn't as straightforward as copying …
Quick and dirty example of process enumeration using CreateToolhelp32Snapshot
Quick example of using WTSEnumerateProcesses to enumerate processes running on a Windows machine.
Using procfs For Forensics and Incident Response.
My review of SEKTOR7 Institute's Red Team Operator, Windows Persistence course.
Review of RED TEAM Operator: Malware Development Essentials Course by SEKTOR7 Institute.