Loading Remote AES Encrypted PE in memory , Decrypted it and run it
The PE file analysis toolkit
peinjector - MITM PE file infector
Brother PES file converter
Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
翻译 - Unicorn PE是一个基于独角兽的检测项目,旨在模拟Windows PE文件的代码执行。
Basic utility code for reading and modifying PE files (EXE, DLL, ...)
pefile is a Python module to read and work with PE (Portable Executable) files
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
PE File Blessing - To continue or not to continue
Run a Exe File (PE Module) in memory (like an Application Loader)
InfectPE - Inject custom code into PE file [This project is not maintained anymore]
manual load a pe file into memery and exec it
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
翻译 - Process Ghosting - 一种 PE 注入技术,类似于 Process Doppelgänging,但使用待删除文件而不是事务文件
C++/ CLI implementation of my read EOF Data from PE File lib.
Little project that use my tiny library to handle PE File EOF Data.
Converts PE into a shellcode
PE-bear (builds only)
Open-Source Shellcode & PE Packer
翻译 - 在此处阅读博客文章:https://iwantmore.pizza/posts/PEzor.html
Proof of Concepts (PE, PDF...)
翻译 - 概念验证(PE,PDF ...)