The code supports harvesting plain card numbers if track data is not available, which I've used with success, but occasionally contains false positives. There is a Luhn check and some regexs to help reduce the false positives, but if that isn't enough, you can specify an IIN/BIN (http://www.binlist.net) to match on. Matching on IINs comes in handy when your client/target is in the financial industry. Coworker @curi0usJack helped me squash bugs and implemented a duplicate checking feature so we're not sending and logging the same data over and over.

Many times my targeted users are utilizing a terminal server environment. This makes my life easy because I can run the memory scraper at a centralized location (the terminal servers), but since there are multiple users, you will want to limit the memory scraping to only processes used by your targeted users. If not, you could be dumping memory from hundreds of processes that might not contain credit card data. For this reason, I built a function that checks the process owner against the values of the -User parameter. My common workflow is to identify my targeted users through group name in active directory, then specify them using the -User parameter and just let the memory scraper bake for a few days.

Everyone likes one-liners. If you want to run the memory scraper (example process is iexplore) run the following from the target system: