Process-Dump

Windows tool for dumping malware PE files from memory back to disk for analysis.

Results 14 Process-Dump issues

Hi, any chance we can drag and drop a .exe file into the program to dump and then it all once done instead of running the .exe file first and...

Hello, I'm trying to dump the packed executable, and among other things, I encounter OEP set to 0x00000000 and IAT messed up. I currently do the following, 1. Close all...

An option to dump closed modules that were loaded AFTER -closemon was initiated would be great for detecting and dumping modules... it seems this program only hooks and dumps modules...

Here is the code: https://github.com/glmcdona/Process-Dump/blob/master/pd/dump_process.cpp#L793 The code is `import_summary.COUNT_UNIQUE_IMPORT_ADDRESSES >= 2` but idk if this should be `>= 5` to match the comment. But my real question is why it...

Kindly, why can I not dump a .NET packed process, it generates only hidden modules?

Dumping the main Spotify.exe is creating a ~2GB file. Investigate why this is and add more smart safety limits.

Process Dump hooks NtTerminateProcess and injects an executable region used to handle the hook. When Process Dump then dumps this process on terminate, it will find its own executable region...

Sometimes a process starts and closes before Process Dump can dump it. Add a hook or something to CreateProcess to add a delay before resuming on start.

Latest version of Process Dump close monitor (pd64.exe -closemon) is crashing csrss.exe on both x86 and x64.

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 4.1.7. Release notes: Sourced from actions/download-artifact's releases. v4.1.7: What's Changed: Update @actions/artifact dependency by @bethanyj28 in actions/download-artifact#325. Full Changelog: https://github.com/actions/download-artifact/compare/v4.1.6...v4.1.7. v4.1.6: What's Changed: updating @actions/artifact...

dependencies