Meterpreter Payload Detection: detecting Meterpreter in memory

by do son · Published May 10, 2017 · Updated February 6, 2018

Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool

Meterpreter Signature Authors: Rohan Vazarkar, David Bitner

Note: some API programming and Meterpreter Signature Created by these guys Rohan Vazarkar, David Bitner

Note: IPS Mode required RunAs Administrators

if you getting an error, use command with one argument

syntax: Meterpreter_Payload_Detection.exe IPS

syntax: Meterpreter_Payload_Detection.exe IDS

syntax: Meterpreter_Payload_Detection.exe Blobblob