usage: main.exe [options] <argument>

options:
  -i, --inspect <name|pid>                       inspect process by name or PID
  -m, --modules <name|pid>                       list loaded modules (dlls)
  -t, --threads <name|pid>                       list all threads
  -k, --kill <name|pid>                          kill selected process
  -p, --parse <name|pid>                         parse PE structure from process memory
  -s, --suspend <name|pid>                       suspend/resume selected process
  -j, --inject <name|pid> [dll]                  inject dll into process
  -x, --hexdump <name|pid> [page]                dump process memory in, optional page nr to dump only specific 4kb aligned mem pages
  -xw,--hexwrite <name|pid> [address] [hex]      overwrite process memory starting at address(without 0x prefix)
  -xs,--hexstrings <name|pid> [pid] [minlength]  dump strings from process memory, with optinal min length
  -l, --list                                     list all running processes
  -h, --help                                     display this help message

examples:

> .\main.exe -i not
process 'not' not found
did you mean:
  - notepad.exe

> .\main.exe -i notepad.exe
notepad.exe

basic
  pid                 26216
  base priority       8
  parent pid          9860 (explorer.exe)
  threads             7
  elevated            no

memory
  working set         14692 kb
  peak working set    14696 kb
  private bytes       3140 kb
  pagefile usage      3140 kb
  peak pagefile       3172 kb
  page faults         3823

i/o counters
  read operations     2
  write operations    0
  other operations    110
  read bytes          16 kb
  write bytes         0 kb
  other bytes         0 kb

handles
  handle count        244
  gdi objects         23
  user objects        27

priority
  priority class      normal
  dep enabled         yes (permanent)

path
  executable          C:\Windows\System32\notepad.exe
  file size           196 kb