Sunday, November 18, 2012

[VSD] (Virtual Section Dumper) Just another Virtual Section Dumper for Windows Processes

What's VSD?

VSD (Virtual Section Dumper) is intented to be a tool to visualize and dump the memory regions of a running 32 bits or a 64 bits process in many ways. For example, you can dump the entire process and fix the PE Header, dump a given range of memory or even list and dump every virtual section present in the process.
Usage of VSD can be found here

Screenshots

VSD x86

Main window

Loaded modules


Handles

Threads

Patch

VSD x64



Latest changes

VSD x86

Version: 2.1 (18/11/2012)
  • Added "Ignore unnamed objects" in the window handles.
  • Added "Set Priority" feature in order to set the priority of a given process. issue 8
  • Added "Suspend process" and "Resume process" features. issue 10
  • Added "Suspend all threads before dumping". Using this option you can suspend the execution of a given process before to dump it. issue 5
  • Added updatevsd.exe. More information can be found here
Version: 2.0 (01/04/2012)
  • Added a menu bar.
  • Added a module list viewer.
  • Added Dump Full and Dump Partial over a specific module.
  • Added sorting feature in the module list viewer.
  • Added a handle list viewer.
  • Added sorting feature in the handle list viewer.
  • Added a thread list viewer.
  • Added Resume, Terminate and Suspend functions in the thread list viewer.
  • Added the "Patch" feature.
  • Bugfixes in some functions.
  • Code refactoring in some functions. The code still needs a lot of improvements :P
Version: 1.1
  • Fixed a bug in the PastePEHeader() function when calculating the offset of the original PE Header.
Version: 1.0
  • First stable release (I hope so :)

VSD x64

Version: 1.0
  • First stable release. 

Download Virtualsectiondumper

http://code.google.com/p/virtualsectiondumper/downloads/list

No comments:

Post a Comment