Dumping memory with Windbg


AttonRand
July 9th, 2012, 15:27
Hello,
My question is very simple. Is it possible to make a "Full Dump" (like PETools or LordPE) with Windbg or a tool included in the Sysinternals suite?
So far I only discovered the .writemem command, but it is not very useful. The ProcDump included in Sysinternals saves only .dmp files, and I don't know if it is possible to extract the exe from them.

Any help?