pe-format

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

Portable Executable reversing tool with a friendly GUI

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

The BEST DLL Injector Library.

PE file viewer/editor for Windows, Linux and MacOS.

Principled, lightweight C/C++ PE parser

PE-bear (builds only)

A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

Vox language compiler. AOT / JIT / Linker. Zero dependencies

flat assembler g - adaptable assembly engine

Persistent IAT hooking application - based on bearparser

A bunch of parsers for PE and PDB formats in C++

Library for parsing internal structures of PE32/PE32+ binary files.

PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.

Python implementation of the Packed Executable iDentifier (PEiD)

SDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.

Cross-platform library for parsing and building PE\PE+ formats

A neural approach to malware detection in portable executables

Small visualizator for PE files

Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection