Nyuki Android Process Dumper (AProcDump)


The Nyuki Android Process Dumper (AProcDump) is a user-mode application that runs natively on Android devices and acquires the volatile memory of processes without the need to compile and install any kernel modules. It is not a replacement for full physical memory acquisition but rather a quick drop-and-execute alternative. The Nyuki Android Process Dumper can be compiled once and used across multiple Android platforms. It can be executed through the Android Debug Bridge (ADB) and supports various methods of extraction. As always, this application requires root access on the device's operating system.

 

Application Features (Current Release)

  • Output memory into a file, network stream or standard output
  • List a process' allocated modules and heaps
  • Acquire memory of specific maps given their name
  • Selectively filter memory regions based on permissions and allocation type
  • Acquire specific memory regions given a memory range
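The page does not say how AProcDump enumerates regions. As an added example (not the project's code), this sketch assumes the standard Linux/Android `/proc/<pid>/maps` text format and shows region selection by permission, map name and address range; `region_t`, `filter_t` and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

typedef struct {                 /* one parsed line of /proc/<pid>/maps */
    unsigned long long start, end;
    char perms[5];               /* e.g. "rw-p" */
    char name[256];              /* "[heap]", a file path, or "" if anonymous */
} region_t;
typedef struct {                 /* hypothetical selection criteria */
    const char *need_perms;      /* flags that must be set, NULL = any */
    const char *name_substr;     /* substring of the map name, NULL = any */
    unsigned long long lo, hi;   /* address window, hi == 0 = no window */
} filter_t;

/* Constructed sample lines: "start-end perms offset dev inode [name]". */
static const char *SAMPLE_MAPS[] = {
    "7a10000000-7a10021000 r-xp 00000000 fd:00 1234 /system/lib64/libc.so\n",
    "7a10021000-7a10025000 rw-p 00021000 fd:00 1234 /system/lib64/libc.so\n",
    "7b20000000-7b20400000 rw-p 00000000 00:00 0 [heap]\n",
    "7b30000000-7b30001000 ---p 00000000 00:00 0 \n",
    "not a maps line\n",
};

int parse_maps_line(const char *line, region_t *r) {  /* 1 = parsed, 0 = malformed */
    int n = 0;
    if (sscanf(line, "%llx-%llx %4s %*s %*s %*s%n", &r->start, &r->end, r->perms, &n) != 3
        || n == 0 || r->end <= r->start || strlen(r->perms) != 4)
        return 0;
    const char *p = line + n + strspn(line + n, " \t");
    /* The name may contain spaces, so keep the rest of the line (truncated to fit). */
    snprintf(r->name, sizeof r->name, "%.*s", (int)strcspn(p, "\n"), p);
    return 1;
}

int region_matches(const region_t *r, const filter_t *f) {
    /* Every requested flag must appear in the region's permission string. */
    if (f->need_perms && strspn(f->need_perms, r->perms) != strlen(f->need_perms)) return 0;
    if (f->name_substr && !strstr(r->name, f->name_substr)) return 0;
    if (f->hi && (r->end <= f->lo || r->start >= f->hi)) return 0;  /* no overlap */
    return 1;
}

int count_matches(const filter_t *f) {
    int hits = 0;
    region_t r;
    for (size_t i = 0; i < sizeof SAMPLE_MAPS / sizeof *SAMPLE_MAPS; i++)
        hits += parse_maps_line(SAMPLE_MAPS[i], &r) && region_matches(&r, f);
    return hits;
}
int main(void) {
    return printf("rw regions: %d\n", count_matches(&(filter_t){ "rw", NULL, 0, 0 })) < 0;
}
```
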

User Guide

A copy of the initial user guide can be downloaded from here

Source Code

You may find the source code of this application at the following link:

GitHub

Or, you may download the source code by executing the following command:

git clone https://github.com/georgenicolaou/aprocdump.git

 

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.