Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Portable Executable reversing tool with a friendly GUI
A bunch of parsers for PE and PDB formats in C++
DWARF Explorer - a GUI utility for navigating the DWARF debug information
Library for parsing internal structures of PE32/PE32+ binary files.
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
too busy for that all, furikuri is a framework for code protection
Cross-platform library for parsing and building PE\PE+ formats
PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports
A scanner that finds files with compromised or untrusted code signing certificates, written in Python.
Library for linking multiple PE\PE+ files into one
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and disassembles hooks, shel...
This is a small PE64 file analyzer in C++ with WinAPI. I didn't do it in the best way but hey, it's a small project like that that I thought was nice to do, the program can work in it calling with ar...
Static file analysis for PE files
PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @pay1oad-repo
MasamunpeX Linux
Binary executable tool