Fermion Scripts

Description

These are a collection of Fermion Scripts that I have found helpful while performing reverse engineering.

called_exported_functions.js - When you know a DLL is being loaded, you want to see what exported functions are being called.
scan_memory.js - Scan the current attached process for interesting strings.
CreateProcessW_Intercept.js - Intercept CreateProcessW and change the command line for process creation. I added a counter to ensure we are not launching the command multiple times, but this can be changed.

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
CreateProcessW_Intercept.js		CreateProcessW_Intercept.js
Kernel32_CreateProcessW_monitor_child_procs.js		Kernel32_CreateProcessW_monitor_child_procs.js
Kernel32_LoadLibraryExW.js		Kernel32_LoadLibraryExW.js
Kernel32_VirtualAlloc.js		Kernel32_VirtualAlloc.js
Kernel32_WriteFile.js		Kernel32_WriteFile.js
Kernel32_WriteProcessMemory.js		Kernel32_WriteProcessMemory.js
KernelBase_WriteFile.js		KernelBase_WriteFile.js
README.md		README.md
Wininet_InternetReadFileExA.js		Wininet_InternetReadFileExA.js
bcrypt_BCryptDecrypt.js		bcrypt_BCryptDecrypt.js
bcrypt_BCryptDecrypt_trace.js		bcrypt_BCryptDecrypt_trace.js
called_exported_functions.js		called_exported_functions.js
intercept_rpc_funcs.js		intercept_rpc_funcs.js
rpcrt4_NdrGetBuffer_print_buffer.js		rpcrt4_NdrGetBuffer_print_buffer.js
rpcrt4_NdrGetBuffer_update_buffer_onenter.js		rpcrt4_NdrGetBuffer_update_buffer_onenter.js
rpcrt4_NdrGetBuffer_update_buffer_onleave.js		rpcrt4_NdrGetBuffer_update_buffer_onleave.js
scan_memory.js		scan_memory.js