libpeconv · GitHub Topics

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

翻译 - 扫描给定的进程。识别并转储各种潜在的恶意植入物（替换/注入的PE，shellcode，hook，内存中的修补程序）。

pe-format hooking pe-dumper pe-analyzer libpeconv process-analyzer scans anti-malware pe-sieve malware-analysis memory-forensics

C++ 3.25 k

14 天前

hasherezade / libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

pe-file pe-format libpeconv pe-loader manual-mapping

C++ 1.18 k

7 天前

hasherezade / dll_to_exe

Converts a DLL into EXE

libpeconv pe-file

C++ 803

2 年前

hasherezade / mal_unpack

Dynamic unpacker based on PE-sieve

libpeconv pe-sieve memory-forensics malware-unpacker malware-analysis

C 707

1 个月前

hasherezade / libpeconv_tpl

A ready-made template for a project based on libpeconv.

libpeconv

C++ 44

19 天前

hasherezade / loaderine

A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.

libpeconv

C 19

7 年前

hasherezade / libpeconv_wrappers

A ready-made template for a new project based on libPeConv library

libpeconv

C++ 7

6 年前