Skip to content

heaper, an advanced heap analysis plugin for Immunity Debugger

Notifications You must be signed in to change notification settings

wchen-r7/heaper

 
 

Repository files navigation

About

heaper is an Immunity Debugger plugin that is designed to help analyse heap structures under the windows environment. Often, exploitation of windows heap overflows and other vulnerabilities associated with the heap are very complex due to the dynamic nature of the heap manager.

With heaper, you can quickly visualize heap data structures, hook important heap api and determine possible exploitation paths. It is designed for analysts looking to determine the heap layout in a target process.

Currently there is full support for Windows XP. In the near future it will support Windows 7/8 heap managers.

Setup

You will need to install the following prerequisites:

Then once you have completed that, copy heaper.py into your immunity debugger pycommands directory typically: 'C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands'.

Usage

simply start heaper by executing '!heaper' in Immunity Debuggers command window.

Screenshots

heap usage heaper hooking RtlAllocateHeap heaper viewing the lookaside[0x123]

License

'heaper' is available under the GPLv3 license, please see the included file gpl-3.0.txt for details.

About

heaper, an advanced heap analysis plugin for Immunity Debugger

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published