Windows Pwn

Mona is used extensively in Windows pwn. It is a part of the Immunity Debugger
!mona pattern_create 1000 # Generate a unique 1000 byte buffer
!mona pattern_offset 37694136 # Identify the offset of the buffer with EIP address
!mona modules -o # This shows the modules used by the program, -o ignores OS modules
!mona jmp -r est -m Configuration.dll # Select one of the DLLs not participating in ASLR to find static address
​