In the previous blogpost - Fixing (Windows Internals) Meminfo.exe - we dig into the tool Meminfo.exe from Windows Internals Book highlighting “FileInfo requests”. I suggest you take a look at some details about another type of request named “SuperFetchQuery” which can be useful for some scenarios like Red Team / Privesc, Pentest, Exploit Dev or Maldev. Let’s take a look ! TL;DR The superfetch queries and fileInfo requests are alternatives methods that allow you to get many Windows i...
