Load pykd.pyd
.load pykd.pyd
Verify Mona is working by viewing usage information
!py mona
Search for modules that are not ASLR-enabled or rebased
!py mona noaslr
Search through memory to find ROP gadgets in the kernel32.dll module
!py mona rop -m kernel32.dll
We can search multiple modules at once to find ROP gadgets for better results; -cpb excludes pointers that contain the listed bytes
!py mona rop -m "kernel32.dll,server.exe,ws2_32.dll,RPCRT4.dll" -cpb "\x00\x0a\x0d"
Search for gadgets using wildcards. The following example searches kernel32.dll for a pop of any 32-bit register, a pop of any 32-bit register, and then a return
!py mona findwild -m kernel32.dll -s "pop r32 # pop r32 # ret"
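
The ASLR opt-in that the noaslr step reports on is recorded in each module's PE header, so the same property can be audited on disk when checking whether a build ships with its mitigations enabled. The Python script below is an added example, not part of the original notes or of mona; the names pe_mitigations and _sample_pe and the header-only sample image are constructed for illustration.

```python
import struct
import sys

# IMAGE_DLLCHARACTERISTICS_* bits in the PE optional header
DYNAMIC_BASE = 0x0040     # image opts in to ASLR (/DYNAMICBASE)
HIGH_ENTROPY_VA = 0x0020  # 64-bit high-entropy ASLR
NX_COMPAT = 0x0100        # image is DEP compatible (/NXCOMPAT)
RELOCS_STRIPPED = 0x0001  # IMAGE_FILE_RELOCS_STRIPPED in the COFF header


def pe_mitigations(data):
    """Return the ASLR/DEP opt-in flags recorded in a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if len(data) < pe_off + 24 + 72 or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: bad or truncated PE header")
    (coff_chars,) = struct.unpack_from("<H", data, pe_off + 22)
    opt = pe_off + 24  # optional header follows the 20-byte COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    dynamic = bool(dll_chars & DYNAMIC_BASE)
    stripped = bool(coff_chars & RELOCS_STRIPPED)
    return {
        "dynamic_base": dynamic,
        "relocs_stripped": stripped,
        # without relocations the loader cannot move the image
        "aslr_effective": dynamic and not stripped,
        "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
        "nx_compat": bool(dll_chars & NX_COMPAT),
    }


def _sample_pe(dll_chars, coff_chars=0x0102, magic=0x10B):
    """Constructed header-only image for testing (not a loadable binary)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, coff_chars)
    optional = bytearray(0xE0)
    struct.pack_into("<H", optional, 0, magic)
    struct.pack_into("<H", optional, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(optional)


if __name__ == "__main__":
    for path in sys.argv[1:]:  # e.g. the DLLs and EXEs of a release build
        with open(path, "rb") as fh:
            print(path, pe_mitigations(fh.read()))
```

This reads only the on-disk opt-in flags; whether a loaded module was actually rebased is a runtime property that the debugger command reports.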