01 December 2009 | 19,897 views

Process Hacker v1.7 Released – Process Viewer & Memory Editor

Cybertroopers storming your ship?

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Key Features

  • Viewing, terminating, suspending and resuming processes.
  • Restarting processes, creating dump files, detaching from any debuggers, viewing heaps, injecting DLLs, etc.
  • Viewing detailed process information, statistics, and performance information.
  • Viewing, terminating, suspending and resuming threads.
  • Viewing detailed token information (including modifying privileges).
  • Viewing and unloading modules.
  • Viewing memory regions.
  • Viewing environment variables.
  • Viewing and closing handles.
  • Viewing, controlling and editing services.
  • Viewing and closing network connections.

System Requirements

  • .NET Framework 2.0
  • Microsoft Windows XP SP2 or above, 32-bit or 64-bit.

You can download Process Hacker v1.7 here:


Or read more here.


Recent in Forensics:
- Rekall – Memory Forensic Framework
- DAMM – Differential Analysis of Malware in Memory
- Malheur – Automatic Malware Analysis Tool

Related Posts:
- Fusil Fuzzer 0.7 – Fuzzing Functions in Python
- eEye Duster – Dead/Uninitialized Stack Eraser
- Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,214 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 33,261 views
- sslsniff v0.6 Released – SSL MITM Tool - 27,160 views

Advertise on Darknet

One Response to “Process Hacker v1.7 Released – Process Viewer & Memory Editor”

  1. d3m4s1@d0v1v0 1 December 2009 at 11:31 am Permalink

    I was playing a little with this tool and looks very interesting. One needs this kind of tools on Windows if wants to see what happens in the core.
    Like always, thanks for the info.