[forward] Process Heap Viewer

[forward from] https://www.openrce.org/downloads/details/252

This tool enumerates process heaps on Windows. It uses a much better technique than the slower Windows heap API functions, which makes it faster and more efficient. You can enumerate the heaps of normal Windows processes as well as system services. It's a very useful tool for anyone involved in analyzing process heaps. Vulnerability researchers can use it as a side tool for discovering heap-related vulnerabilities.

It now comes with an integrated search feature, which makes it easy to find ASCII as well as Unicode strings within the heap blocks.

This is a standalone tool and does not require any installation.

    * Launch ProcHeapViewer by clicking on the binary file. It automatically loads all running processes including services.
    * Select any process from the list. Then all the heap nodes for that process will be displayed.
    * Now you can click on any of the heap nodes to display all the heap blocks within it.
    * Next, click on one of the heap blocks to view its content. You can store this data by clicking on the "save" button. To get back to the main screen, simply click on the "close" button.
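
The ASCII/Unicode search described above can be reproduced offline on a block stored with the "save" button. This is an added example, not ProcHeapViewer's own code: it assumes the saved file holds the block's raw bytes and that "Unicode" means UTF-16LE, and the function names, sample block and base address are constructed for illustration.

```python
import re

# Constructed sample standing in for a saved heap block (assumed raw bytes):
# padding, an ASCII string, padding, a UTF-16LE string, then binary data.
SAMPLE_BLOCK = (
    b"\x00" * 8
    + b"user=admin"
    + b"\x00" * 6
    + "secret-token".encode("utf-16-le")
    + b"\x00\x00"
    + b"\xde\xad\xbe\xef"
)


def find_in_block(block: bytes, needle: str, base: int = 0):
    """Return sorted (address, encoding) hits for needle in a raw heap block.

    base is the block's virtual address, so hits map back to process memory.
    """
    hits = []
    for name, codec in (("ascii", "ascii"), ("utf-16le", "utf-16-le")):
        try:
            pattern = needle.encode(codec)
        except UnicodeEncodeError:
            continue  # needle has characters that ASCII cannot represent
        start = 0
        while (pos := block.find(pattern, start)) != -1:
            hits.append((base + pos, name))
            start = pos + 1  # keep scanning so overlapping hits are reported
    return sorted(hits)


def extract_strings(block: bytes, min_len: int = 4):
    """List (offset, encoding, text) for printable runs of >= min_len chars."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    # A UTF-16LE run of printable ASCII is each character followed by 0x00.
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [(m.start(), "ascii", m.group().decode("ascii"))
             for m in ascii_re.finditer(block)]
    found += [(m.start(), "utf-16le", m.group().decode("utf-16-le"))
              for m in wide_re.finditer(block)]
    return sorted(found)


if __name__ == "__main__":
    for offset, enc, text in extract_strings(SAMPLE_BLOCK):
        print(f"+0x{offset:04x} {enc:9s} {text}")
    # 0x00150000 is a constructed base address for the sample block.
    print(find_in_block(SAMPLE_BLOCK, "secret", base=0x00150000))
```
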

[download page] http://securityxploded.com/download.php#procheapviewer

and here is also a local copy: (please download the below 'x' jpg and rename the .jpg to ProcHeapViewer_v3.5.zip)

 

posted @ 2012-04-20 23:21  dtozg