Process Dump
Dumps memory components from specific processes or from all processes currently running. Supports creation and use of a clean-hash database, so that dumping of all the clean files such as kernel32.dll can be skipped.
Features
- Process Monitoring
Process Dump News & Activities
Recent activities
Process Dump information
Developed by
Geoff McDonaldLicensing
Open Source (MIT) and Free product.Written in
Alternatives
2 alternatives listedSupported Languages
- English
AlternativeTo Category
DevelopmentGitHub repository
- 1,808 Stars
- 275 Forks
- 13 Open Issues
- Updated
What is Process Dump?
Process Dump works for Windows 32 and 64 bit operating systems and can dump memory components from specific processes or from all processes currently running. Process Dump supports creation and use of a clean-hash database, so that dumping of all the clean files such as kernel32.dll can be skipped. It's main features include:
Dumps code from a specific process or all processes. Finds and dumps hidden modules that are not properly loaded in processes. Finds and dumps loose code chunks even if they aren't associated with a PE file. It builds a PE header and import table for the chunks. Reconstructs imports using an aggressive approach. Can run in close dump monitor mode ('-closemon'), where processes will be paused and dumped just before they terminate. Multi-threaded, so when you are dumping all running processes it will go pretty quickly. Can generate a clean hash database. Generate this before a machine is infected with malware so Process Dump will only dump the new malicious malware components.