文件名称:TraceHook
介绍说明--下载内容均来自于网络,请自行研究使用
windows进程内存转储(dump)工具,它能够附加到进程,读取进程的整个内存,然后,将进程整个内存的数据保存到磁盘上。该工具不同于LordPE 和OllyDump,因为它可以下载进程的整个内存到磁盘上。-windows process memory dump (dump) tool, which can be attached to the process, read the entire memory of the process, and then the entire memory of the process data is saved to disk. The the tool unlike LordPE Ollydump because it can download the entire process memory to disk.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
bin
...\TraceHook.exe
...\TraceHook.sys
src
...\driver.c
...\driver.h
...\krnl_def.h
...\MAKEFILE
...\SOURCES
...\TraceHook.cpp
CHANGELOG
TODO