Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
-
Updated
Jun 14, 2024 - C++
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Portable Executable reversing tool with a friendly GUI
this is a small pe64 file analyzer in c++ with winapi, I didn't do it in the best way but hey, it's a small project like that that I thought was nice to do, the program can work in it calling with arguments or executing it as such.
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and dissasemble hooks, shellcode, memory regions, modules and processes.
A bunch of parsers for PE and PDB formats in C++
Library for parsing internal structures of PE32/PE32+ binary files.
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Library for linking multiple PE\PE + files to one
PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports
PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @Pay1oad-repo
Cross-platform library for parsing and building PE\PE+ formats
too busy for that all, furikuri is framework for code protection
Add a description, image, and links to the pe-analyzer topic page so that developers can more easily learn about it.
To associate your repository with the pe-analyzer topic, visit your repo's landing page and select "manage topics."