Pool scan for TCP/UDP objects
Usage:
- Hidden sockets
- DKOM-hidden network activity
Better than:
- netstat-based approaches
Commands
# Scan for network connections/sockets (Vol2)
vol.py -f <mem> --profile=<profile> netscan
# Scan for network connections/sockets (Vol3)
python3 vol.py -f <mem> windows.netscan