atrexus/vulkan — reverse-engineered prompt

Reverse engineered prompt

Build me a Windows command line utility called Vulkan that can dump a PE image from a running process's memory and rebuild it into a usable file on disk. It should work for normal loaded modules too, but the main goal is handling apps protected by user mode anti tamper systems like Hyperion and Theia by repeatedly reading encrypted or inaccessible code pages until the image is restored.

I want the tool to let me choose a target process, optionally choose an output file, and show a clear help screen. Add an option to stop the decryption pass automatically once a chosen completion threshold is reached, since some targets can loop forever, and another option to resolve imports for the main module and write the rebuilt import table into the dumped file. Make it usable from the terminal on Windows x64, with sensible messages and defaults. Look up current docs online if you need to.

Want more depth? Deep Reverse