Wednesday, October 7, 2009

Process Explorer VS Process Hacker

Process Hacker Functions

1) Process Dump
2) DLL Inject / Unload
3) Driver Load / Unload
4) PEiD scan…
5) Full Memory Dump
6) Hidden Process View
7) Memory View / Editor

Process Hacker Download:


Process Hacker can terminate, suspend, resume, restart and set the priority of processes. Processes are highlighted to provide additional information such as whether they are elevated or in a job. More interesting things you can do with processes include injecting DLLs and even replacing security tokens (XP only).


It can also terminate, suspend, resume and set the priority of threads. Symbolic start addresses are provided, and double-clicking a thread will show its call stack. Additionally, GUI threads (threads which have made at least one call to a GUI function) are highlighted.


It can display the modules loaded by each process and their properties. It can also find the address of any exported function in a module, change page protection of the module's memory region, and read the module's memory.


It can display each process' primary token and its user, source, groups and privileges. It even allows you to enable and disable privileges.


It can display (using VirtualQueryEx()) the memory regions in a process' virtual memory space, and even read/write data using a built-in hex editor.
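
As an added example (not code from Process Hacker or from this post), the Python below walks a process's regions with VirtualQueryEx() through ctypes and filters for committed, private, writable-and-executable regions, a common triage check when looking for injected code. The names MBI, walk_regions, writable_executable_private and the SAMPLE regions are constructed for this example; walk_regions() runs only on Windows.

```python
import ctypes

# Constants from winnt.h
MEM_COMMIT, MEM_FREE, MEM_PRIVATE, MEM_IMAGE = 0x1000, 0x10000, 0x20000, 0x1000000
PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY = 0x40, 0x80
PROCESS_QUERY_INFORMATION = 0x0400

class MBI(ctypes.Structure):
    # MEMORY_BASIC_INFORMATION; ctypes pads the fields the same way the C compiler does
    _fields_ = [("BaseAddress", ctypes.c_void_p),
                ("AllocationBase", ctypes.c_void_p),
                ("AllocationProtect", ctypes.c_uint32),
                ("RegionSize", ctypes.c_size_t),
                ("State", ctypes.c_uint32),
                ("Protect", ctypes.c_uint32),
                ("Type", ctypes.c_uint32)]

def walk_regions(pid):
    """Windows only: yield (base, size, state, protect, type) for each region of pid."""
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.OpenProcess.restype = ctypes.c_void_p
    k32.OpenProcess.argtypes = [ctypes.c_uint32, ctypes.c_int, ctypes.c_uint32]
    k32.VirtualQueryEx.restype = ctypes.c_size_t
    k32.VirtualQueryEx.argtypes = [ctypes.c_void_p, ctypes.c_void_p,
                                   ctypes.POINTER(MBI), ctypes.c_size_t]
    k32.CloseHandle.argtypes = [ctypes.c_void_p]
    handle = k32.OpenProcess(PROCESS_QUERY_INFORMATION, False, pid)
    if not handle:
        raise ctypes.WinError(ctypes.get_last_error())
    try:
        mbi, addr = MBI(), 0
        # VirtualQueryEx returns 0 once addr is past the last queryable address
        while k32.VirtualQueryEx(handle, addr, ctypes.byref(mbi), ctypes.sizeof(mbi)):
            yield (mbi.BaseAddress or 0, mbi.RegionSize, mbi.State, mbi.Protect, mbi.Type)
            addr = (mbi.BaseAddress or 0) + mbi.RegionSize
    finally:
        k32.CloseHandle(handle)

def writable_executable_private(regions):
    """Keep committed, private (not image-backed) regions that are writable and executable."""
    wx = PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY
    return [r for r in regions if r[2] == MEM_COMMIT and r[4] == MEM_PRIVATE and r[3] & wx]

# Constructed sample regions (not captured from a real process), usable offline.
SAMPLE = [
    (0x00400000, 0x1000, MEM_COMMIT, 0x20, MEM_IMAGE),    # image section, execute-read
    (0x00A00000, 0x2000, MEM_COMMIT, 0x04, MEM_PRIVATE),  # heap, read-write
    (0x02000000, 0x1000, MEM_COMMIT, 0x40, MEM_PRIVATE),  # private, execute-read-write
    (0x03000000, 0x10000, MEM_FREE, 0x01, 0),             # free range
]
```

On Windows, writable_executable_private(walk_regions(pid)) gives the regions to inspect for a given pid. JIT runtimes legitimately allocate such memory, so a hit is a lead rather than a verdict.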


It can display the handles opened by processes and can close them.


Process Hacker also supports saving memory search results and even intersecting (finding common items between) two sets of search results!
