Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Dynamic unpacker based on PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
Golang bindings for PE-sieve
A repository containing scripts which allow pe-sieve to log to Windows Event Log.
Python script to extract the C&C configuration from an active Bumblebee process through PE-Sieve
External tests for PE-sieve
A perl implementation of a full Sieve Parser
LordPanther - Process Scanner With YARA && PE-SIEVE
Automatic Reliability Testing for Kubernetes Controllers and Operators
Pigeonhole project: Sieve support for Dovecot.
Converts PE into a shellcode
PE-bear (builds only)
A simple, clean and elegant way to filter Eloquent models.
Open-Source Shellcode & PE Packer
Read the blog post here: https://iwantmore.pizza/posts/PEzor.html
Proof of Concepts (PE, PDF...)
In-Memory PE Loader