Process Hacker 1.3.6.1

Process Hacker is a tool for viewing and manipulating processes and their threads, modules, memory and handles, and viewing and editing services. It can also search through process memory:

for a sequence of bytes,
using regular expressions,
for strings, or
for heap blocks
It can run programs as another user or as SYSTEM, LOCAL SERVICE or NETWORK SERVICE if you have administator privileges. This is achieved using a helper program which is installed as a system service (similar to PsExec).

It loads symbols from various libraries automatically and uses them when displaying the call stacks of threads (just like Process Explorer). It also has a disassembler derived from OllyDbg's which can be accessed when viewing PE files' exports.

System Requirements

• .NET Framework 2.0
• Microsoft Windows XP or above
• 1GB or more of total RAM if you want to read/write or search memory
• 2 CPUs (physical or multi-core) if you want to read/write or search memory

Download

Stable

The latest stable version of Process Hacker is 1.3.6.0.

• Binary
• Setup
• Source code

Processes

Process Hacker can terminate, suspend, resume, restart and set the priority of processes.

Threads

It can also terminate, suspend, resume and set the priority of threads. It can also view threads' call stacks and their usernames/privileges/groups if they are impersonating another user.

Modules

It can display the modules loaded by each process and their properties. It can also find the address of any exported function in a module, change page protection of the module's memory region, and read the module's memory.

Token

It can display each process' primary token and its user, source, groups and privileges. It even allows you to enable and disable privileges.

Memory

It can display (using VirtualQueryEx()) the memory regions in a process' virtual memory space, and even read/write data using a built-in hex editor.

Handles

It can display the handles opened by processes and can close them.

Search

Process Hacker also supports saving search results and even intersecting (finding common items between) two sets of search results!