Winreader
Winreader is a process memory reader and debugger for Windows, implemented and developed in the Rust language, using the official Microsoft Rust API.
Winreader is able to return information such as: process path, memory address, buffer address and size of allocated memory
Process Path | Memory Address |
Stack Value | Allocated Memory (MiB) |
Dependencies (DLLs, modules), that the process is using | Value of assembly Registers (x86_64) in frame |
Usage
All information you need to use winreader is the PID (Process Identifier) of the program that will be read, you can use Windows Task Manager or PowerShell's tasklist command.
winreader --help
winreader: Read buffer memory in processes on Windows
Usage: winreader.exe [PID]
Arguments:
[PID] Program Process Identifier
Options:
-h, --help Print help
-V, --version Print version
A file called WINREADER-DATE.txt
will be created inside the directory where the winreader.exe
is located, with all buffer memory information.
TODO
Tool | Description |
---|---|
GUI | Intent to move software from CLI to GUI, using WinAPI. |
PRs are very welcome!
Install
The purpose and main focus of winreader is only for Windows NT operating system, to install it you will need rust:
- Rust (rustup)
Or you can just download the release executable:
Also the project is on crates.io:
cargo install winreader
License
Winreader is licensed under the MIT License - see the LICENSE.md file for details