NativeDumper

FoxB · #1 06-22-2016, 22:22

also we can use

------------------------------
Process Dump v1.4
Copyright й 2015, Geoff McDonald
http://www.split-code.com/

Process Dump (pd.exe) is a tool used to dump both 32 and 64 bit executable modules back to disk from memory within a process address space. This tool is able to find and dump hidden modules, and it uses a clean hash database to exclude dumping of known clean files. This tool uses an aggressive import reconstruction approach that links all DWORD/QWORDs that point to an export in the process to the corresponding export function.
------------------------------

TechLord · #2 06-24-2016, 09:19

Quote:

Originally Posted by FoxB

also we can use

------------------------------
Process Dump v1.4
Copyright й 2015, Geoff McDonald
http://www.split-code.com/

...

Now actually v1.5 is available...

Direct download link of compiled v1.5 :

http://split-code.com/files/pd_latest.zip

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

The Following User Says Thank You to FoxB For This Useful Post:
niculaita (06-22-2016)

The Following User Says Thank You to TechLord For This Useful Post:
FoxB (06-24-2016)