What's VSD?
VSD (Virtual Section Dumper) is intented to be a tool to visualize and dump the memory regions of a running 32 bits or a 64 bits process in many ways. For example, you can dump the entire process and fix the PE Header, dump a given range of memory or even list and dump every virtual section present in the process.
Usage of VSD can be found here
Screenshots
VSD x86
Main windowLoaded modules
Handles
Threads
Patch
VSD x64
Latest changes
VSD x86
Version: 2.1 (18/11/2012)- Added "Ignore unnamed objects" in the window handles.
- Added "Set Priority" feature in order to set the priority of a given process. issue 8
- Added "Suspend process" and "Resume process" features. issue 10
- Added "Suspend all threads before dumping". Using this option you can suspend the execution of a given process before to dump it. issue 5
- Added updatevsd.exe. More information can be found here
- Added a menu bar.
- Added a module list viewer.
- Added Dump Full and Dump Partial over a specific module.
- Added sorting feature in the module list viewer.
- Added a handle list viewer.
- Added sorting feature in the handle list viewer.
- Added a thread list viewer.
- Added Resume, Terminate and Suspend functions in the thread list viewer.
- Added the "Patch" feature.
- Bugfixes in some functions.
- Code refactoring in some functions. The code still needs a lot of improvements :P
- Fixed a bug in the PastePEHeader() function when calculating the offset of the original PE Header.
- First stable release (I hope so :)
VSD x64
Version: 1.0- First stable release.
No comments:
Post a Comment