Pages

Monday, May 18, 2015

WinObjEx64 (kernelmode.info)

Windows Object Explorer 64-bit (WinObjEx64) from kernelmode.info.
http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3751

Quote(kernelmode.info):
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace.
For certain object types, you can double-click on it or use the "Properties..."
toolbar button to get more information, such as description, attributes, resource usage etc.
WinObjEx64 let you view and edit object-related security information if you have required access rights.

System Requirements:
WinObjEx64 does not require administrative privileges. However administrative privilege is required
to view much of the namespace and to edit object-related security information.
WinObjEx64 works only on the following x64 Windows:
Windows 7, Windows 8, Windows 8.1 and Windows 10, including Server variants.
WinObjEx64 does not work on Windows XP, Windows Vista is partially supported.
We have no plans of their full support.
In order to use all program features Windows must be booted in the DEBUG mode.

Build:
WinObjEx64 comes with full source code.
In order to build from source you need Microsoft Visual Studio 2013 U4 and later versions.

Authors:
(c) 2015 WinObjEx64 Project
Original WinObjEx (c) 2003 - 2005 Four-F

Acknowledgements:
We would like to thanks the following people for their contributions (in the alphabetical order):

Andrew Ivlev aka Four-F - author of the original x86-32 WinObjEx
Giuseppe Bonfa aka Evilcry - KDSubmarine author
Mark Russinovich - author of the original proof-of-concept tool WinObj
Microsoft WinDBG developers team

Source and compiled binary here:
https://github.com/hfiref0x/WinObjEx64

Project files SHA1 https://github.com/hfiref0x/WinObjEx64/ ... /SHA1.hash

Copyrights:
WinObjEx64 developed by WinObjEx64 Project group, in the alphabetical order:

EP_X0FF
MP_ART

This program uses Windows Debugger Local Kernel Debugging Driver © Microsoft Corporation.
Please use this thread for bugreports. Also take a note that Windows 10 is supported *AS IS*
since it wasn't released yet, official support will be added after official release.