From Collaborative RCE Tool Library

Jump to: navigation, search

Process Heap Viewer

Tool name: Process Heap Viewer
Rating: 0.0 (0 votes)
Author: Nagareshwar                        
Website: http://securityxploded.com/ProcHeapViewer.php
Current version: 2.2
Last updated: January 9, 2009
Direct D/L link: Locally archived copy
License type: Free
Description: This is the tool to enumerate process heaps on windows. It uses much better technique than slower Windows heap API functions which makes it faster and efficient. You can enumerate the heaps from normal Windows processes as well as system services. Its very useful tool for anyone involved in analyzing process heaps. Vulnerability researchers can use it as a side tool for discovering heap related vulnerabilities.

This is standalone tool and does not require any installation.

* Launch ProcHeapViewer by clicking on the binary file. It automatically loads all running processes including services.
* Select any process from the list. Then all the heap nodes for that process will be displayed.
* Now you can click on any of the heap nodes to display all the heap blocks within it.
* Next click on one of the heap block to view its content. You can store this data by clicking on the "save" button. To get back to the main screen, simply click on "close" button.
Related URLs:
Article about the underlying fast heap enumeration technology:
http://securityxploded.com/enumheaps.php


Screenshot:
Screenshot of Process Heap Viewer


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!

Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/Process_Heap_Viewer"


If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)

Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (176)
   Categorized by Tool Type  (983)
   Anti Anti Test Tools  (15)
   Assemblers  (15)
   Code Coverage Tools  (12)
   Code Injection Tools  (32)
   Code Ripping Tools  (2)
   Crypto Tools  (5)
   Data Extraction Tools  (19)
   Debuggers  (42)
   Decompilers  (20)
   Deobfuscation Tools  (12)
   Dependency Analyzer Tools  (5)
   Diff Tools  (29)
   Disassemblers  (45)
   Dongle Analysis Tools  (24)
   Exe Analyzers  (31)
   Firefox Extensions  (1)
   GUI Manipulation Tools  (16)
   Hardware Reversing Tools  (24)
   Hex Editors  (12)
   IDA Signature Creation Tools  (5)
   Kernel Tools  (13)
   Memory Data Tracing Tools  (6)
   Memory Patchers  (3)
   Memory Search Tools  (7)
   Monitoring Tools  (110)
   Network Tools  (15)
   PE Executable Editors  (79)
   Packers  (16)
   Patch Packaging Tools  (7)
   Profiler Tools  (10)
   Programming Libraries  (32)
   Regular Expression Tools  (3)
   Resource Editors  (12)
   Reverse Engineering Frameworks  (7)
   Source Code Tools  (11)
   String Finders  (5)
   Symbol Tools  (11)
   System Information Extraction Tools  (7)
   Technical PoC Tools  (7)
   Test and Sandbox Environments  (16)
   Tool Extensions  (137)
   Tool Hiding Tools  (5)
   Tool Signatures  (22)
   Tracers  (17)
   Unpacking Tools  (59)
   Needs New Category  (2)