Wednesday, October 7, 2009

Process Explorer VS Process Hacker

Process Hacker Functions

1) Process Dump
2) DLL Inject / Unload
3) Driver Load / Unload
4) Scan PEid….
5) Full Memory Dump
6) Hidden Process View
7) Memory View / Editor



Process Hacker Download : http://processhacker.sourceforge.net/

Processes

Process Hacker can terminate, suspend, resume, restart and set the priority of processes. Processes are highlighted to provide additional information such as whether they are elevated or in a job. More interesting things you can do with processes include injecting DLLs and even replacing security tokens (XP only).

Threads

It can also terminate, suspend, resume and set the priority of threads. Symbolic start addresses are provided, and double-clicking a thread will show its call stack. Additionally, GUI threads (threads which have made at least one call to a GUI function) are highlighted.

Modules

It can display the modules loaded by each process and their properties. It can also find the address of any exported function in a module, change page protection of the module's memory region, and read the module's memory.

Token

It can display each process' primary token and its user, source, groups and privileges. It even allows you to enable and disable privileges.

Memory

It can display (using VirtualQueryEx()) the memory regions in a process' virtual memory space, and even read/write data using a built-in hex editor.
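
As an added example (not Process Hacker's code and not part of the original post), this is the kind of region walk the VirtualQueryEx() description above implies, used here to flag committed private pages that are both writable and executable. The helper names `is_rwx_private` and `scan_process` are hypothetical; off Windows only the classifier builds, with the winnt.h constants defined locally.

```c
#include <stdio.h>
#include <stdint.h>
#ifdef _WIN32
#include <windows.h>
#else
/* Values from winnt.h, defined here so the classifier builds off-Windows. */
#define MEM_COMMIT             0x1000
#define MEM_PRIVATE            0x20000
#define PAGE_EXECUTE_READWRITE 0x40
#endif

/* Hypothetical helper: 1 if a region is committed, private (not backed by an
 * image or mapped file) and writable+executable. The low byte of Protect holds
 * the base protection; modifier bits such as PAGE_GUARD are masked off. */
int is_rwx_private(uint32_t state, uint32_t type, uint32_t protect)
{
    if (state != MEM_COMMIT || type != MEM_PRIVATE)
        return 0;
    return (protect & 0xFF) == PAGE_EXECUTE_READWRITE;
}

#ifdef _WIN32
/* Walk the address space of `proc` region by region. VirtualQueryEx returns 0
 * once the address passes the end of user space, which ends the loop. */
int scan_process(HANDLE proc)
{
    MEMORY_BASIC_INFORMATION mbi;
    unsigned char *addr = NULL;
    int hits = 0;

    while (VirtualQueryEx(proc, addr, &mbi, sizeof mbi) != 0) {
        if (is_rwx_private(mbi.State, mbi.Type, mbi.Protect)) {
            printf("%p  %llu bytes  protect=0x%lx\n", mbi.BaseAddress,
                   (unsigned long long)mbi.RegionSize, mbi.Protect);
            hits++;
        }
        addr = (unsigned char *)mbi.BaseAddress + mbi.RegionSize;
    }
    return hits;
}

int main(void)
{
    /* Scans the current process; a handle to another process needs
     * PROCESS_QUERY_INFORMATION access. */
    printf("%d RWX private region(s)\n", scan_process(GetCurrentProcess()));
    return 0;
}
#endif
```

JIT runtimes legitimately allocate such regions, so treat hits as leads to review rather than verdicts.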

Handles

It can display the handles opened by processes and can close them.

Search

Process Hacker also supports saving memory search results and even intersecting (finding common items between) two sets of search results!





