
Process Heap Viewer


ProcHeapViewer is a fast heap enumeration tool that uses a better technique than the normal Windows heap API functions. It is a very useful tool for anyone, especially developers, involved in analyzing process heaps, and it makes it easy to troubleshoot heap-related problems.



Traditional Windows heap enumeration functions are slow and take a lot of time when traversing a large number of heap blocks. ProcHeapViewer removes those flaws by using a better implementation based on reverse engineering of the heap API functions.



It now comes with an integrated search feature that makes it easy to find ASCII as well as Unicode strings within the heap blocks.




Using ProcHeapViewer:



Launch ProcHeapViewer by clicking on the binary file. It automatically loads all running processes, including services.




  • Select any process from the list. All the heap nodes for that process are then displayed.

  • Click on any of the heap nodes to display all the heap blocks within it.

  • Click on one of the heap blocks to view its contents. You can store its contents by clicking on the ‘save’ button. To get back to the main screen, simply click on the ‘close’ button.

  • Use the ‘Find’ button to search for ASCII as well as Unicode strings within the heap blocks.
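
The same kind of search can be run offline over heap blocks stored with the ‘save’ button, for example to check whether a sensitive string is still present in a process heap. The following is an added example, not ProcHeapViewer's own code: the function names and sample blocks are constructed for illustration, and it assumes "Unicode" means UTF-16LE, the in-memory wide-string encoding on Windows.

```python
from typing import Dict, List, Tuple

# Encodings covered by the Find feature described above: ASCII and Unicode.
# Assumption of this example: Unicode strings in the heap are UTF-16LE.
ENCODINGS = ("ascii", "utf-16le")

def find_in_block(block: bytes, needle: str) -> List[Tuple[int, str]]:
    """Return sorted (offset, encoding) pairs for every occurrence of needle."""
    hits = []
    for enc in ENCODINGS:
        try:
            pattern = needle.encode(enc)
        except UnicodeEncodeError:
            continue  # non-ASCII needle: only the UTF-16LE form can exist
        pos = block.find(pattern)
        while pos != -1:
            hits.append((pos, enc))
            pos = block.find(pattern, pos + 1)  # +1 keeps overlapping hits
    return sorted(hits)

def preview(block: bytes, offset: int, width: int = 16) -> str:
    """Printable view of the bytes at a hit; non-printables shown as '.'."""
    chunk = block[offset:offset + width]
    return "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)

def search_blocks(blocks: Dict[str, bytes], needle: str):
    """Search every saved block; return (name, offset, encoding, preview)."""
    out = []
    for name, data in blocks.items():
        for off, enc in find_in_block(data, needle):
            out.append((name, off, enc, preview(data, off)))
    return out

# Constructed sample data standing in for two blocks saved with the tool.
SAMPLE_BLOCKS = {
    "block_a.bin": b"\x00\x00user=alice\x00" + "alice".encode("utf-16le") + b"\x00\x00",
    "block_b.bin": b"\xde\xad\xbe\xef" * 4,
}

if __name__ == "__main__":
    for hit in search_blocks(SAMPLE_BLOCKS, "alice"):
        print(hit)
```

To use it on real data, replace `SAMPLE_BLOCKS` with the bytes read from the saved block files.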


