{"id":22360865,"url":"https://github.com/lauralex/kdprocdumper","last_synced_at":"2025-10-15T00:31:43.940Z","repository":{"id":223076698,"uuid":"752877333","full_name":"lauralex/kdprocdumper","owner":"lauralex","description":"My Personal Kernel-Mode Process dumper","archived":false,"fork":false,"pushed_at":"2024-02-18T19:07:52.000Z","size":33,"stargazers_count":11,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-04T16:18:58.328Z","etag":null,"topics":["dumper","kernel-driver","process-dump"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lauralex.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-02-05T02:30:21.000Z","updated_at":"2024-10-10T05:12:03.000Z","dependencies_parsed_at":"2024-02-18T05:28:11.966Z","dependency_job_id":"a8e4e55b-e743-4391-b13e-8496a611405c","html_url":"https://github.com/lauralex/kdprocdumper","commit_stats":null,"previous_names":["lauralex/kdprocdumper"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lauralex%2Fkdprocdumper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lauralex%2Fkdprocdumper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lauralex%2Fkdprocdumper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lauralex%2Fkdprocdumper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lauralex","download_url":"https://codel
oad.github.com/lauralex/kdprocdumper/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":236541926,"owners_count":19165764,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dumper","kernel-driver","process-dump"],"created_at":"2024-12-04T16:18:56.225Z","updated_at":"2025-10-15T00:31:43.583Z","avatar_url":"https://github.com/lauralex.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# KDProcDumper\n\n## Overview\nKDProcDumper is a tool for kernel-mode process dumping. It is made of a kernel-mode (KM) component and a user-mode (UM) component.\nThe KM component will dump the process memory (only a specific module, provided by the UM component).\nThe UM component communicates with the KM component in the following way:\n- Asks the KM component to get the size of a specific module\n- Asks the KM component to dump that module\n\nFinally, the UM component will fix the PE file, adjusting the section headers, optional header and the debug directory.\n\n## Usage\nYou can load the driver using conventional methods (osr driver loader, sc create...) 
or by manual mapping (e.g., kdmapper or kdu).\n\n## Note\nThe `PeFileFixer` VS project is just to experiment with the PE file adjustments; only the `ProcDumper` and `UMProcDumper` projects are actually needed.\n\n## Features\n- Kernel-mode process dumping\n- Specific module dumping\n- IOCTL communication between UM and KM\n- PE file fixes\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flauralex%2Fkdprocdumper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flauralex%2Fkdprocdumper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flauralex%2Fkdprocdumper/lists"}