A library to load, manipulate, and dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
Converts a DLL into an EXE
A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
A ready-made template for a project based on libpeconv.
Dynamic unpacker based on PE-sieve
A ready-made template for a new project based on the libPeConv library
Golang version of https://github.com/hasherezade/libpeconv
Demo projects and utilities made with the help of libPeConv
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).