Process Hacker v188.8.131.52 released
Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!
Process Hacker can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit.
This release supports:
- Running a program as almost any user, including SYSTEM, LOCAL
SERVICE and NETWORK SERVICE.
- Viewing, terminating, suspending and resuming processes
- Viewing, controlling and deleting services
- Viewing/enabling/disabling/removing process privileges
- Viewing process groups
- Inspecting PE files (exe/dll/ocx/sys files)
- Viewing, terminating, suspending and resuming threads
- Viewing and closing process handles
- Viewing modules, finding the address of an exported function, changing page protection, reading memory and viewing file properties
- Viewing memory regions, changing page protection and reading and writing
- Searching through process memory, either using literal data or regular expressions
- Scanning for strings inside process memory
- Getting heap information
- Viewing DEP status and other additional information.
Process Hacker comes with an "Assistant" application which is used
when launching programs as other users.
v184.108.40.206 changelog :
- New CPU and I/O history columns
- New System Cache value in System Information
- #2625167 - "Commit charge limit should not be 16EB"
- #2642385 - "Maximum File Cache size should not be 16EB"
- Minimize size of the System Information window
- Settings were lost between versions
- Handle and memory leaks
- Integer overflows in System Information
Here is a kind of powerful utility i’d like to use in my binary security assessments. very useful to see the process "behind of scenes".
Dissecting binaries is made easier with Process Hacker.