Hecaton

Reverse Engineering, Cyber Forensics & Nerd Stuff

Thanatos - Memory Forensics Tool

Overview

Thanatos is a lightweight, Windows-focused memory analysis and process inspection tool built with Rust and egui. It provides a modern interface for analyzing running processes and their memory regions, making it useful for debugging, reverse engineering, and process analysis tasks.

Key Features

Process Management

  • Real-time process list viewing
  • Process filtering and search functionality
  • Basic process information display (PID, Process Name, Memory Usage)
  • System process filtering option

Memory Analysis

  • Comprehensive memory region mapping
  • Memory protection flags display (Read/Write/Execute)
  • Region size and address information
  • Memory content analysis:
    • Pattern detection
    • Code signatures
    • String detection
    • Entropy analysis

Memory Inspection

  • Real-time hex viewer
  • Combined hex and ASCII display
  • Memory region navigation
  • Protection flags visualization
  • Suspicious region highlighting

User Interface

  • Modern, dark-themed interface
  • Process list with search functionality
  • Memory map visualization
  • Real-time memory content viewing
  • Responsive layout with resizable panels

Technical Details

Thanatos is built with Rust for performance and safety, and it provides a modern interface for analyzing running processes and their memory regions.

Getting Started

Check out the project on GitHub for installation instructions and documentation. The tool comes with example memory dumps and tutorials to help you get started with memory forensics.
