Process Hacker v1.8 released

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Version 1.8

NEW/IMPROVED:

  • Ability to set I/O priority for processes and threads
  • No more separate Assistant.exe executable required
  • Signature verification now works on x64
  • Now shows signer names (plus a Verified Signer column)
  • Added proper x64 support to structs reader
  • Added basic preprocessor to structs reader
  • WOW64 modules now appear in Handle/DLL searches
  • Small performance improvements
  • Editing object SACLs is now possible with KProcessHacker

FIXED:

  • #2902988 - "Toolbar not shown after saving options"
  • Find window and select thread sometimes not working
JPEG - 26.9 kb

Key features of Process Hacker

  • Viewing, terminating, suspending and resuming processes.
  • Restarting processes, creating dump files, detaching from any debuggers, viewing heaps, injecting DLLs, etc.
  • Viewing detailed process information, statistics, and performance information.
  • Viewing, terminating, suspending and resuming threads.
  • Viewing detailed token information (including modifying privileges).
  • Viewing and unloading modules.
  • Viewing memory regions.
  • Viewing environment variables.
  • Viewing and closing handles.
  • Viewing, controlling and editing services.
  • Viewing and closing network connections.

Process Hacker runs on both 32-bit and 64-bit Windows, but certain functionality is only available on 32-bit systems, including:

  • Bypassing rootkits and security software when accessing processes, threads, and other objects
  • Viewing kernel pool limits
  • Viewing hidden processes
  • Changing handle attributes
  • Viewing kernel-mode stack traces

System Requirements

  • .NET Framework 2.0
  • Microsoft Windows XP SP2 or above, 32-bit or 64-bit. Please note that certain functionality including detection of hidden processes, full control over all processes and the ability to protect/unprotect processes is only available on 32-bit systems.

Post scriptum

Compliance Mandates

  • Forensics :

    PCI DSS 10.2, 12.9, A.1.4*, SOX DS7, HIPAA 164.308(a)(1) and (a)(6), FISMA IR-7, ISO 27001/27002 13.2.1, 13.2.3
    *Shared Hosting Providers Only


Related Articles

Enumeration
Forensics
Monitoring
Process Hacker