Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Portable Executable reversing tool with a friendly GUI
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
The BEST DLL Injector Library.
PE file viewer/editor for Windows, Linux and MacOS.
Principled, lightweight C/C++ PE parser
A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
flat assembler g - adaptable assembly engine
Persistent IAT hooking application - based on bearparser
A bunch of parsers for PE and PDB formats in C++
Library for parsing internal structures of PE32/PE32+ binary files.
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Python implementation of the Packed Executable iDentifier (PEiD)
SDA is a rich cross-platform tool for reverse engineering that focuses first on the analysis of computer games. I'm trying to create a mix of Ghidra, Cheat Engine and x64dbg. My tool will combine st...
A neural approach to malware detection in portable executables
Cross-platform library for parsing and building PE\PE+ formats
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection