you can read the mem file with the xxd program

in this example i'm going to read the heap of a program

$ cd /proc/<the-pid> $ cat maps | grep heap 55fe7eec6000-55fe7eee7000 rw-p 00000000 00:00 0 [heap] $ $ sudo xxd -s 0x55fe7eec6000 -l $((0x55fe7eee7000 - 0x55fe7eec6000)) mem | less 

• flag s: seek offset position 0x05..7000
• flag l: is the length. The last position (0x5..7000) minus the start position (0x5..6000)
• mem: file
• | less: visualize the output with less

you can read the mem file with the xxd program

in this example i'm going to read the heap of a program

$ cd /proc/<the-pid> $ cat maps | grep heap 55fe7eec6000-55fe7eee7000 rw-p 00000000 00:00 0 [heap] $ $ sudo xxd -s 0x55fe7eec6000 -l $((0x55fe7eee7000 - 0x55fe7eec6000)) mem | less 

• flag s: seek offset position 0x05..6000
• flag l: is the length. The last position (0x5..7000) minus the start position (0x5..6000)
• mem: file
• | less: visualize the output with less

you can read the mem file with the xxd program

in this example i'm going to read the heap of a program

$ cd /proc/<the-pid> $ cat maps | grep heap 55fe7eec6000-55fe7eee7000 rw-p 00000000 00:00 0 [heap] $ $ sudo xxd -s 0x55fe7eec6000 -l $((0x55fe7eee7000 - 0x55fe7eec6000)) mem | less 

• flag s: skip all memory before 0x05..7000
• flag l: is the length. The last position (0x5..7000) minus the start position (0x5..6000)
• mem: file
• | less: visualize the output with less

you can read the mem file with the xxd program

in this example i'm going to read the heap of a program

$ cd /proc/<the-pid> $ cat maps | grep heap 55fe7eec6000-55fe7eee7000 rw-p 00000000 00:00 0 [heap] $ $ sudo xxd -s 0x55fe7eec6000 -l $((0x55fe7eee7000 - 0x55fe7eec6000)) mem | less 

• flag s: seek offset position 0x05..7000
• flag l: is the length. The last position (0x5..7000) minus the start position (0x5..6000)
• mem: file
• | less: visualize the output with less