Pool scan for kernel modules
Usage
- Hidden drivers
- Unlinked kernel modules
Commands
# Scan for hidden kernel modules (Vol2)
vol.py -f <mem> --profile=<profile> modscan
# Scan for hidden kernel modules (Vol3)
python3 vol.py -f <mem> windows.modscan