KsDumper is a dumping processes using the power of kernel space. It is a custom driver that would allow me to copy the process memory without using OpenProcess. Features Dump any process main module using a kernel driver (both x86 and x64) Rebuild PE32/PE64 header and sections Works on protected system processes & processes with …
Continue reading “KsDumper : Dumping Processes Using The Power Of Kernel Space”