Releases: DavidXanatos/TaskExplorer
Build v1.5.3
updated PHlib to version 3.0.7270
Important Note:
this build has a unsigned driver hence it is required to enable test signign mode to use it
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
Build v1.5.2
This build fixes a BSOD bug on windows 10 LTSC 2019
Important Note:
this build has a unsigned driver hence it is required to enable test signign mode to use it
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
Build v1.5.1
This build fixes various bugs.
Important Note:
this build has a unsigned driver hence it is required to enable test signign mode to use it
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Added
- re added kernel debug log dumping
- added more handle information
- added option to block processes from starting using the driver
Fixed
- fixed issue with opening job objects
Build v1.5.0
This build updates the PH Library to 3.0.5553 and adds fixes various minor bugs.
Important Note:
this build has a unsigned driver hence it is required to enable test signign mode to use it
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Changed
- Made Qt6 Compatible
- updated QWT library to v6.2
- updated PHlib to version 3.0.5553
- updated DotNET counter code
Fixed
- fixed issues with GPU usage not being displayed proeprly
- fixed memory leak in RPC Endpoint View
Removed
- removed aility to unprotect protected processes
- removed kernel debug log dumping (will be re added later)
Build v1.4.1
This build updates the PH Library to 3.0.4706 and adds fixes various minor bugs.
Important Note:
I found a new leaked certificate that works this build uses it, if it should happen to become blacklisted in future, please use the test signed driver from 1.0.4
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Fixed
- fixed singleapp not working
- the xprocesshacker.sys driver is now signed with a new certificate and shoudl load on win 11
Changed
- updated PHlib to version 3.0.4706
Build v1.4.0
This build updates the PH Library to 3.0.4365 and adds fixes various minor bugs.
Important Note:
The driver is now only test signed as the leaked certificate was blacklisted in the windows kernel, hence you need to enable test mode to use all of the features.
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Added
- added sandboxie tab with a lot of sandboxie related details
- added option to freeze and unfreeze entire jobs
- added "Original Impersonation Token" menu command to inspect the impersonation token of sandboxed thread
- added rpc view listing all rpc endpoints on the system
- added windows 11 detection
Changed
- replaced all icons
- updated PHlib to version 3.0.4365
Fixed
- fixed issue resolving kernel symbols introduced with 1.3
Buil v1.3.0
This build updates the PH Library to 3.0.3972 and adds fixes various minor bugs.
Important Note:
The xprocesshacker.sys driver must be signed, and since the appropriate certificates are prohibitively expensive, I head to use a leaked code signing certificate I found laying around the Internets. This means some anti malware applications wrongfully flag it as potentially dangerous or a virus.
You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Changed
- changed memory search window layout
- on debug log start stop the lists are now reset
- updated MiscHelpers
- updated PHlib to version 3.0.3972
- updated QWT to version 6.1.6
- updated to use Visual studio 2019
Fixed
- fixed issues with hex string memory search
- fixed issue with updating token privileges
- fixed issues with disabled items in dark mode
- fixed race condition in etw initialization
Buil v1.2.9
This build updates the PH Library to 3.0.3014 and adds minor usability improvements.
Important Note:
The xprocesshacker.sys driver must be signed, and since the appropriate certificates are prohibitively expensive, I head to use a leaked code signing certificate I found laying around the Internets. This means some anti malware applications wrongfully flag it as potentially dangerous or a virus.
If you want TaskExplorer to get a proper EV-Code Signing Certificate please support the project through donations. You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Added
- added highest thread CPU percentage to the CPU column
Changed
- tree graph background in dark mode is also dark now
- updated PHlib to version 3.0.3476
- merged ASLR, DEP, CFG, CET columns into a joined mitigations column
Buil v1.2.8
This build focuses on usability improvements and bug fixes. It solves an issue causing very high CPU usage introduced in the last build. And it introduces some mitigation to the issues caused by the driver not being signed properly.
Important Note:
The xprocesshacker.sys driver must be signed, and since the appropriate certificates are prohibitively expensive, I head to use a leaked code signing certificate I found laying around the Internets. This means some anti malware applications wrongfully flag it as potentially dangerous or a virus.
If you want TaskExplorer to get a proper EV-Code Signing Certificate please support the project through donations. You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos
ChangeLog
Added
- "Original Token" button to inspect the original process token of sandboxed processes
-- SbieDrv driver 5.42 or higher required - added command line option to start multiple instances
- added driver file obfuscation and driver installation dialog
Changed
- reorganized settings pages
- improved sandboxie support implementation
fixed
- fixed excessive CPU usage in new process filter
- fixed outdated data shown in token panel when no token could be obtained
Build v1.2.7
New Update with various usability improvements.
[1.2.7] - 2020-06-13
Added
- Custom run dialog with the ability to inject a DLL when starting process
- Added process filter to proces tree to improve usability
Changed
- description in the process column now shows for svchost.exe instances a list of hosted services
- esc key now clsoes the finder bar in lists
- app id column now displays teh container id if its an app
Fixed
- run dialogs now execute on return press
- error with comctl32
- user connect/login window now hides teh password
- fixed pid in process info window
- modern apps are now properly atributed to the their users