It is a Linux re-imagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows.
It provides a convenient way for Linux developers to create core dumps of their application based on performance triggers.
Also Read : LOLBAS – Living Off The Land Binaries And Scripts
Installation & Usage
Requirements
Install ProcDump
Via Package Manager [prefered method]
curl https://packages.microsoft.com/keys/microsoft.asc | gpg –dearmor > microsoft.gpg
sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
Register the Microsoft Product feed
Ubuntu 16.04
sudo sh -c ‘echo “deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-xenial-prod xenial main” > /etc/apt/sources.list.d/microsoft.list’
Ubuntu 14.04
sudo sh -c ‘echo “deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-trusty-prod trusty main” > /etc/apt/sources.list.d/microsoft.list’
sudo apt-get update
sudo apt-get install procdump
Via .deb Package
Pre-Depends: dpkg(>=1.17.5)
Download .deb Package
Ubuntu 16.04
wget https://packages.microsoft.com/repos/microsoft-ubuntu-xenial-prod/pool/main/p/procdump/procdump_1.0.1_amd64.deb
Ubuntu 14.04
wget https://packages.microsoft.com/repos/microsoft-ubuntu-trusty-prod/pool/main/p/procdump/procdump_1.0.1_amd64.deb
Install Procdump
sudo dpkg -i procdump_1.0.1_amd64.deb
sudo apt-get -f install
Uninstall
Ubuntu 14.04+
sudo apt-get purge procdump
Usage
Usage: procdump [OPTIONS…] TARGET
OPTIONS
-C CPU threshold at which to create a dump of the process from 0 to 100 * nCPU
-c CPU threshold below which to create a dump of the process from 0 to 100 * nCPU
-M Memory commit threshold in MB at which to create a dump
-m Trigger when memory commit drops below specified MB value.
-n Number of dumps to write before exiting
-s Consecutive seconds before dump is written (default is 10)
TARGET must be exactly one of these:
-p pid of the process
-w Name of the process executable
Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…
Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…
The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…
Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…
Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…
PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…