process tree rebuilder — free browser tool | fatcousin

scan memory dump for EPROCESS tags · rebuild process tree

drop memory dump

Drop .dmp / .vmem / .raw memory dump

heuristic scan for Windows EPROCESS pool tags

Select file

status

drop a Windows memory dump (.dmp, .vmem, .raw, .mem)