#Hex editor#PE Tools - Portable executable (PE) manipulation toolkit
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
Portable Executable (PE) library written in .Net
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
#Computer science#Malware Data Science Reading Diary / Notes
POC of a better implementation of GetProcAddress for ntdll using binary search
A Malware classifier dataset built with header fields’ values of Portable Executable files
#Computer science#A Machine Learning approach for classifying a file as Malicious or Legitimate
PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
Dump certificates from PE files in different formats
A malware dataset curation tool which helps identify packed samples.
Rust implementation of the ProcessGhosting technique
#Computer science#This project is a malware detection API using ML and CNN techniques
#Computer science#Detecting Malware in PE files
#Hex editor#Hex Workshop editor's structure library for Microsoft's Portable Executable format.