 |
Refresh processes list |
 |
Do a dump of the selected process.
Raw dump allow you to make partial dump of modules by asking you start address and size of the dump
 |
Use the internal dumping function of WinAPIOverride to dump a hooked process |
|
 |
Convert a dump file to exe or dll
- By removing nonraw parts (default) : remove virtual memory space not present in raw mapping
- By modifying PE : let all the virtual memory space present, and modify the raw mapping of the exe or dll file
|
 |
Kill selected process |
 |
Suspend selected process |
 |
Resume selected process |
 |
Change selected process priority |
 |
Inject a dll into the selected process (=LoadLibrary) |
 |
Eject selected dll of the selected process (=FreeLibrary) |
 |
Get process and thread information from any window/dialog |
 |
Search which processes are using a dll |
 |
Check module or process integrity. |
 |
Allow memory operations on processes See Memory Dialog |
 |
Display modules sections of the selected process |
 |
Allow to do raw disassembly from memory of the selected process |
 |
Go into Kernel mode |
 |
Go into User mode |