ran-var/Process-Librarian

     ███████████                                                                                  
    ░░███░░░░░███                                                                                 
     ░███    ░███ ████████   ██████   ██████   ██████   █████   █████                             
     ░██████████ ░░███░░███ ███░░███ ███░░███ ███░░███ ███░░   ███░░                              
     ░███░░░░░░   ░███ ░░░ ░███ ░███░███ ░░░ ░███████ ░░█████ ░░█████                             
     ░███         ░███     ░███ ░███░███  ███░███░░░   ░░░░███ ░░░░███                            
     █████        █████    ░░██████ ░░██████ ░░██████  ██████  ██████                             
    ░░░░░        ░░░░░      ░░░░░░   ░░░░░░   ░░░░░░  ░░░░░░  ░░░░░░                              
                                                                         
                                                                                                   
              █████        ███  █████                                    ███                      
             ░░███        ░░░  ░░███                                    ░░░                       
              ░███        ████  ░███████  ████████   ██████   ████████  ████   ██████   ████████  
              ░███       ░░███  ░███░░███░░███░░███ ░░░░░███ ░░███░░███░░███  ░░░░░███ ░░███░░███ 
              ░███        ░███  ░███ ░███ ░███ ░░░   ███████  ░███ ░░░  ░███   ███████  ░███ ░███ 
              ░███      █ ░███  ░███ ░███ ░███      ███░░███  ░███      ░███  ███░░███  ░███ ░███ 
              ███████████ █████ ████████  █████    ░░████████ █████     █████░░████████ ████ █████
             ░░░░░░░░░░░ ░░░░░ ░░░░░░░░  ░░░░░      ░░░░░░░░ ░░░░░     ░░░░░  ░░░░░░░░ ░░░░ ░░░░░  

usage: main.exe [options] <argument>

options:
  -i,  --inspect    <name|pid>                    inspect process by name or PID
  -m,  --modules    <name|pid>                    list loaded modules (DLLs)
  -t,  --threads    <name|pid>                    list all threads
  -k,  --kill       <name|pid>                    kill selected process
  -p,  --parse      <name|pid>                    parse PE structure from process memory
  -s,  --suspend    <name|pid>                    suspend/resume selected process
  -j,  --inject     <name|pid> [dll]              inject DLL into process
  -x,  --hexdump    <name|pid> [page]             dump process memory; optional page number to dump only a specific 4 KB aligned memory page
  -xw, --hexwrite   <name|pid> [address] [hex]    overwrite process memory starting at address (without 0x prefix)
  -xs, --hexstrings <name|pid> [pid] [minlength]  dump strings from process memory, with optional minimum length
  -l,  --list                                     list all running processes
  -h,  --help                                     display this help message

examples:

> .\main.exe -i not

process 'not' not found
did you mean:
  - notepad.exe

> .\main.exe -i notepad.exe

notepad.exe
basic
  pid                    26216
  base priority          8
  parent pid             9860 (explorer.exe)
  threads                7
  elevated               no

memory
  working set            14692 kb
  peak working set       14696 kb
  private bytes          3140 kb
  pagefile usage         3140 kb
  peak pagefile          3172 kb
  page faults            3823

i/o counters
  read operations        2
  write operations       0
  other operations       110
  read bytes             16 kb
  write bytes            0 kb
  other bytes            0 kb

handles
  handle count           244
  gdi objects            23
  user objects           27

priority
  priority class         normal
  dep enabled            yes (permanent)

path
  executable             C:\Windows\System32\notepad.exe
  file size              196 kb
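The `-i` lookup shown above resolves a `<name|pid>` argument to one process and falls back to "did you mean" suggestions when nothing matches. The script below is an added example, not Process Librarian's own code: it assumes a constructed process snapshot (`SAMPLE_PROCS`, with the notepad/explorer PIDs copied from the example output) and hypothetical `resolve`/`render` helpers, and it also covers a case the example output does not show, several processes sharing one image name, which a tool that can kill or suspend the result should refuse to guess among.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass(frozen=True)
class ProcInfo:
    """Minimal process record; a real tool fills this from an OS snapshot."""
    pid: int
    name: str
    parent_pid: int


# Constructed sample snapshot (not real output). The notepad/explorer PIDs
# mirror the README example so the rendering can be compared with it.
SAMPLE_PROCS: List[ProcInfo] = [
    ProcInfo(4, "System", 0),
    ProcInfo(9860, "explorer.exe", 1234),
    ProcInfo(26216, "notepad.exe", 9860),
    ProcInfo(4100, "svchost.exe", 800),
    ProcInfo(4102, "svchost.exe", 800),
]


@dataclass
class Resolution:
    match: Optional[ProcInfo] = None
    suggestions: List[str] = field(default_factory=list)     # for "did you mean"
    ambiguous: List[ProcInfo] = field(default_factory=list)  # same name, many PIDs


def resolve(arg: str, procs: List[ProcInfo]) -> Resolution:
    """Map a <name|pid> argument to exactly one process, or explain why not."""
    arg = arg.strip()
    if arg.isdigit():
        # An all-digit argument is a PID; PIDs are unique, so at most one hit.
        pid = int(arg)
        hits = [p for p in procs if p.pid == pid]
        return Resolution(match=hits[0] if hits else None)
    lowered = arg.lower()
    exact = [p for p in procs if p.name.lower() == lowered]
    if len(exact) == 1:
        return Resolution(match=exact[0])
    if len(exact) > 1:
        # Refuse to pick silently: acting on the wrong instance of a shared
        # image name (svchost.exe, chrome.exe) is how tools hit the wrong target.
        return Resolution(ambiguous=exact)
    # No exact hit: suggest distinct names containing the argument, as the
    # README's "not" -> "notepad.exe" example does.
    names = sorted({p.name for p in procs if lowered in p.name.lower()})
    return Resolution(suggestions=names)


def render(arg: str, res: Resolution, procs: List[ProcInfo]) -> str:
    """Produce text in the shape of the README's -i output (basic section only)."""
    if res.match is not None:
        p = res.match
        by_pid = {q.pid: q.name for q in procs}
        parent = by_pid.get(p.parent_pid, "unknown")
        return "\n".join([
            p.name,
            "basic",
            f"  pid                    {p.pid}",
            f"  parent pid             {p.parent_pid} ({parent})",
        ])
    if res.ambiguous:
        lines = [f"process '{arg}' is ambiguous, pass a pid instead:"]
        lines += [f"  - {p.name} (pid {p.pid})" for p in res.ambiguous]
        return "\n".join(lines)
    lines = [f"process '{arg}' not found"]
    if res.suggestions:
        lines.append("did you mean:")
        lines += [f"  - {n}" for n in res.suggestions]
    return "\n".join(lines)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "not"
    print(render(target, resolve(target, SAMPLE_PROCS), SAMPLE_PROCS))
```

Run it with `python resolve_demo.py not` to reproduce the "did you mean" path, or with `svchost.exe` to see the ambiguity refusal; the substring suggestion deliberately never auto-selects, so a typo cannot silently turn into an action on a different process.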

About

Windows process analysis tool with built-in DLL injector and PE parser