Git Product home page Git Product logo

nemesis's Introduction

Nemesis

A customizable process dumper.

alt

Usage

Just select whatever you want (Process, Dll, Driver, ...) and click on the dump button. If it was successful, you can load the file into decompilers like IDA Pro, Ghidra or Binary Ninja. Some of these programs are available for free, but of course they won't be as good as the paid ones. Here's a short list of the different versions:

Paid:

Free:

Note: If you want another decompiler added, feel free to create a pull request or issue.

Features

General

  • Both x86 and x64
  • Dump:
    • Processes
    • Modules
    • Memory
    • Drivers
  • PE Rebuild
  • Switch memory sources

Application

  • Simple and intuitive design

  • Custom locations

  • Sortable lists

  • Keyboard shortcuts

  • Customizable GUI

  • Dark mode

Memory Sources

Problem

First of all, there's not really a public driver dumper, so you either had to rely on other people dumping them for you or write a dumper yourself. However, to be able to dump drivers, you need to have a kernel mode driver. It can be really annnoying if you just want to dump a simple process, if you have to load your driver beforehand.

Of course there's tools which only dump processes with/without a kernel driver, but you'd need to install like 3 different programs just to be prepared for all situations.

Solution

With Nemesis, you can simply switch memory sources with a single mouse click and use whatever you need. This does not only save you some time, but also a lot of disk space.

If you want to dump it with physical memory or via a hypervisor? Simply add a new memory source and you are good to go.

Exports

Nemesis is also available as a dump library. If you want to implement a dumper, but don't want to mess with low level stuff, simply load the dll and use the following imports.

ConfigExport

DriverExport

DumpExport

MemorySourceExport

ProcessExport

Keyboard Shortcuts

CTRL+D - Dump the selected process or driver

CTRL+R - Refresh the process and driver list

CTRL+ALT+S - Open the settings

Disclaimer

Use at your own risk. It might destroy the Earth.

References

nemesis's People

Contributors

laxodev avatar not-matthias avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.