Repository navigation

#

pe-format

hasherezade / pe-sieve 

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

pe-formathookingpe-dumperpe-analyzerlibpeconvprocess-analyzerscansanti-malwarepe-sievemalware-analysismemory-forensics
C++
3405
3 个月前
hasherezade / pe-bear 

Portable Executable reversing tool with a friendly GUI

pe-filepe-formatpe-analyzerpe-analyzer-guipe-editormultiplatformmalware-analysisbearparser
C++
3225
4 个月前
hasherezade / libpeconv 

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

pe-filepe-formatlibpeconvpe-loadermanual-mapping
C++
1267
3 个月前
guidedhacking / GuidedHacking-Injector 

The BEST DLL Injector Library.

dll-injectionmanual-mappingshellcode-injectionpe-loaderpe-formatDLL Injectorgame-hackinginjectioninjector
C++
1221
3 个月前
horsicq/XPEViewer
horsicq / XPEViewer 

PE file viewer/editor for Windows, Linux and MacOS.

portable-executablepe-format逆向工程disassemblerpeHacktoberfesthacktoberfest2023
QMake
1127
1 天前
trailofbits / pe-parse 

Principled, lightweight C/C++ PE parser

pe-formatportable-executableHacktoberfest
C++
860
8 天前
hasherezade / pe-bear-releases 

PE-bear (builds only)

pe-analyzerpe-formatpe-editor
780
2 年前
saferwall / pe 

A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

pe-fileportable-executableMalwarepecoffmalware-analysisParsingGoParserbinary-analysis逆向工程pe-format
Go
363
2 个月前
MrSmith33 / vox 

Vox language compiler. AOT / JIT / Linker. Zero dependencies

jitx86-64codegenpe-formatlinkerD编译器amd64aotlanguage编程语言
D
355
3 个月前
tgrysztar / fasmg 

flat assembler g - adaptable assembly engine

Assemblyx86x86-64macroinstructionsexecutable-formatspe-formatmach-oavx-instructionsWebAssembly
Assembly
314
2 个月前
hasherezade / IAT_patcher 

Persistent IAT hooking application - based on bearparser

pehookingmultiplatformpe-filepe-formatbearparser
C++
260
3 年前
HoShiMin / formatPE 

A bunch of parsers for PE and PDB formats in C++

C++header-onlymodern-cpppdbpdb-filespdb-parserpepe-analyzerpe-filepe-formatportable-executable
C++
252
1 年前
jovibor / libpe 

Library for parsing internal structures of PE32/PE32+ binary files.

pe-filepe-analyzerpe-formatbinary-analysisportable-executable
C++
167
9 个月前
jovibor / Pepper 

PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.

pe-filepe-analyzerpe-formatpeportable-executableviewerbinary-analysis
C++
166
3 个月前
packing-box / peid 

Python implementation of the Packed Executable iDentifier (PEiD)

pe-filepe-formatPythonexecutable-packingmalware-analysismalware-researchbinary-analysis
Python
139
1 年前
Fleynaro / SDA 

SDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.

逆向工程工具gamesanalysisdebuggerdecompilerx86-64disassemblerpe-formatx86static-analysisdynamic-analysis
C++
133
2 年前
jnastarot / enma_pe 

Cross-platform library for parsing and building PE\PE+ formats

portable-executableexecutable-formatspe-formatpe-analyzerbinary-analysismalware-analysismalware-researchparsing-library逆向工程
C++
82
3 年前
jaketae / deep-malware-detection 

A neural approach to malware detection in portable executables

深度学习PyTorchmalware-detectionmalware-researchpe-filepe-format
Python
78
2 年前
Fatmike-GH / Fatpack 

A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support

lzmamanual-mappingpe-filepe-formatpe-loaderpe-packerupxexecutablepackerWindowsportable-executablecompressorexecutable-packing
C
75
2 个月前
hasherezade / pe2pic 

Small visualizator for PE files

pe-filepe-formatpefilevisualizationmalware-analysis
Python
69
2 年前