Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.
- Viewing, terminating, suspending and resuming processes.
- Restarting processes, creating dump files, detaching from any debuggers, viewing heaps, injecting DLLs, etc.
- Viewing detailed process information, statistics, and performance information.
- Viewing, terminating, suspending and resuming threads.
- Viewing detailed token information (including modifying privileges).
- Viewing and unloading modules.
- Viewing memory regions.
- Viewing environment variables.
- Viewing and closing handles.
- Viewing, controlling and editing services.
- Viewing and closing network connections.
Requirements:
- .NET Framework 2.0
- Microsoft Windows XP SP2 or above, 32-bit or 64-bit.
You can download Process Hacker v1.7 here: