[Repost] mdmp 0.2.2 by Vlad-Ioan Topan
Posted: 2010-10-31 10:11


mdmp - open-source x86 memory/process (command-line) dumper with Python bindings

libmdmp is a C library designed to dump process memory on Windows.

mdmp.exe is a command-line tool exposing most functionality in libmdmp (process/stack/heap/random-mem-address dumping).

pymdmp.pyd is a Python wrapper (only built for 2.7 as of now, trivial to adapt to any 2.x) exposing the memory-dumping functionality in Python.

Example usage:

mdmp:
mdmp.exe /n:explo /e:kernel
- will dump all modules (DLLs) whose name contains "kernel" from all the processes whose name contains "explo"

pymdmp:
import pymdmp
lst = pymdmp.dump(pymdmp.SEL_BY_NAME, pymdmp.DUMP_IMAGE_BY_NAME, 0, processName="explo", moduleName="kernel")
- will return in lst a list of tuples (<process_name>, <PID>, <dump-start-address>, <dump-data>)

Delphi bindings are planned. Feedback is welcome @ vtopan/gmail.


http://code.google.com/p/mdmp/downloads/detail?name=mdmp-0.2.1-alpha-binaries.zip


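An added example, not part of the original post or of the mdmp project: triaging the list that pymdmp.dump is described above as returning. It assumes the tuple layout (process name, PID, dump start address, dump data) and runs on constructed sample data instead of a live dump; `looks_like_pe`, `triage_dumps` and `make_sample_pe` are hypothetical helper names.

```python
import hashlib
import struct


def looks_like_pe(data):
    """True if data starts with an MZ header whose e_lfanew points at the PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # An out-of-range e_lfanew yields an empty slice, so the check fails safely.
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def triage_dumps(dumps):
    """Summarise (process_name, pid, start_address, data) tuples for a case log.

    Hashes every dump and flags regions that do not parse as a PE image.
    """
    report = []
    for name, pid, start, data in dumps:
        report.append({
            "file": "%s_%d_%08X.bin" % (name, pid, start),
            "size": len(data),
            "sha256": hashlib.sha256(data).hexdigest(),
            "valid_pe": looks_like_pe(data),
        })
    return report


def make_sample_pe(size=0x200):
    # Constructed minimal image: MZ magic, e_lfanew = 0x80, PE signature.
    buf = bytearray(size)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)
    buf[0x80:0x84] = b"PE\x00\x00"
    return bytes(buf)


# Constructed stand-in for the list pymdmp.dump() is described as returning.
SAMPLE = [
    ("explorer.exe", 1234, 0x7C800000, make_sample_pe()),
    ("explorer.exe", 1234, 0x00A30000, b"\x00" * 0x100),  # not a PE image
]

if __name__ == "__main__":
    for row in triage_dumps(SAMPLE):
        print(row)
```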
Latest replies (1)
Too bad it can't be used on py3x.
2010-10-31 11:53