资 源 简 介
About HiperDrop
HiperDrop is a simple Windows console application that can be used to acquire a full memory dump and a memory map of a process. In current version HiperDrop can attach to a process in two different ways (OpenProcess or via the debugger API), download the memory using two searching "algorithms" (VirtualQueryEx or just "brute force" page-by-page) and write the output in three different ways (file per region, one file or one big file). For details on each method please check below.
P.S. Current version supports only 32-bit processes. 64-bit support is on the ToDo list.
Attachment methods
Currently there are two supported attachment methods:
OpenProcess, Option -o (DEFAULT)
Attachment to a process is done using OpenProcess with two flags:
* P
