Awesome Open Source

Programming Languages

Search results for pefile

95 search results found

Pe Bear ⭐ 2,269

Portable Executable reversing tool with a friendly GUI

Pe_to_shellcode ⭐ 1,944

Converts PE into a shellcode

Pe_tree ⭐ 1,106

Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.

Sigthief ⭐ 955

Stealing Signatures and Making One Invalid Signature at a Time

Libpeconv ⭐ 932

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

Dll_to_exe ⭐ 725

Converts a DLL into EXE

Pe Parse ⭐ 725

Principled, lightweight C/C++ PE parser

Portable Executable (PE) library written in .Net

Unipacker ⭐ 490

Automatic and platform-independent unpacker for Windows binaries based on emulation

Process_ghosting ⭐ 435

Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

Petools ⭐ 423

PE Tools - Portable executable (PE) manipulation toolkit

Transacted_hollowing ⭐ 334

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

Iat_patcher ⭐ 239

Persistent IAT hooking application - based on bearparser

Analyzepe ⭐ 157

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

Formatpe ⭐ 154

A bunch of parsers for PE and PDB formats in C++

DWARF Explorer - a GUI utility for navigating the DWARF debug information

Library for parsing internal structures of PE32/PE32+ binary files.

Debugengine ⭐ 127

Delphi debug framework

PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.

Emotet_research ⭐ 123

Frida Extract ⭐ 103

Frida.re based RunPE (and MapViewOfSection) extraction tool

Peekaboo ⭐ 101

Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.

Python implementation of the Packed Executable iDentifier (PEiD)

Python Antivirus Software

QLoader is a PE loader creator that helps you quickly create a non-exe loader for application

ViDi Visual Disassembler (experimental)

Malwaredatascience ⭐ 68

Malware Data Science Reading Diary / Notes

Pyiatrebuild ⭐ 68

Automatically rebuild Import Address Table for dumped PE file. With python bindings!

ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.

Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster, and simpler.

Pe Library ⭐ 62

Lightweight Portable Executable parsing library and a demo peParser application.

Small visualizator for PE files

A Malware classifier dataset built with header fields’ values of Portable Executable files

Metadata Tools ⭐ 48

Contains tools for metadata, such as Roslyn's metadata visualizer.

Deep Malware Detection ⭐ 43

A neural approach to malware detection in portable executables

Certdump ⭐ 35

Dump certificates from PE files in different formats

PE File Blessing - To continue or not to continue

ExeSpy is a cross-platform PE viewer for EXE and DLL files

Bintropy ⭐ 35

Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

A Simple PE File Heuristics Scanners

Machine Learning Approach For Malware Detection ⭐ 34

A Machine Learning approach for classifying a file as Malicious or Legitimate

XOR Key Extractor

Pdbdownloader ⭐ 33

Standalone program to download PDB Symbol files for debugging without WDK

ripPE - section extractor and profiler for PE file analysis

Basic utility code for reading and modifying PE files (EXE, DLL, ...)

Malwareresourcescanner ⭐ 24

Scanning and identifying XOR encrypted PE files in PE resources

Peparser ⭐ 21

Windows PE (Portable Executable) file parser for Java 6+

Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.

Dataset Packed Pe ⭐ 18

Dataset of packed PE samples

Pe_tools ⭐ 16

A cross-platform Python toolkit for parsing/writing PE files.

Sigthief ⭐ 16

Doublepulsarpayload ⭐ 14

C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.

Php Winpefile ⭐ 13

Windows Portable Executable file format command-line tools and PHP classes. Easily extract structures and information, modify files, and even construct files from scratch in the Windows Portable Executable (PE) file format (EXEs, DLLs, etc).

Pe_packer ⭐ 13

Simple Packer PE File

Compilation of peHash implementations.

Pestudio Cli ⭐ 12

Python tool to analyze PE file for patterns used by malware

Pe Codecaving ⭐ 12

Work files for my blog post "Code Caving in a PE file.

Extract resources from PE files

X86perunner ⭐ 12

Run X86 PE file on Windows 10 ARM32

Peanalyzer ⭐ 12

PE Analyzer utility tool

Pypackerdetect ⭐ 12

A malware dataset curation tool which helps identify packed samples.

Pefile Go ⭐ 11

Golang port of pefile

Pe Parser ⭐ 10

PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @pay1oad-repo

Malice PExecutable Plugin

Tinynuke ⭐ 10

Botnet system from deep-web Russians forums. Tiny Nuke!

Malware Detection In Pe Files Using Machine Learning ⭐ 10

Detecting Malware in PE files

Pe Master ⭐ 9

analyze the content of the pe file on windows, and shell(pack) function for windows drivers.

Pypackerdetect ⭐ 9

Packing detection tool for PE files

Process Dumper ⭐ 9

Libemu_pe ⭐ 9

enable libemu run pe file and add some good modify

Patternscanner ⭐ 9

Desktop application for rapid development and testing of patterns.

LuaJIT tools for handling Portable Executable files

Pefile Py3k ⭐ 8

fork of pefile for python 3

Packed Infected Pe ⭐ 8

A tool is used to infected a shellcode to PE file, the shellcode is packed at compile time and unpacked at runtime

Malware Detection Of Pe Files ⭐ 8

This project is Malware detection API using ML and CNN techniques

Bro Xorpe ⭐ 7

Bro IDS script to detect XOR'd binaries

Metadata Processor ⭐ 7

🧰 metadata processor (.NET nanoFramework toolbox)

Contiunpacker ⭐ 7

An automatic unpacker for a Conti sample

PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible

Herpaderply_hollowing ⭐ 6

Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

A tool to extract RTTI information from Delphi executables, written in pure Python

Ljitpereader ⭐ 6

Various routines related to reading Windows PE format files

Change the entry point of Windows PE file and inject a dynamic library, in order to crack software of fix games.

Malware Detection using Convolutional Neural Networks

Hex Workshop editor's structure library for the Microsoft's Portable Executable format.

Add an empty section to a PE file

Blocklandloader ⭐ 6

Automatically load DLLs when starting Blockland

Process_ghosting ⭐ 5

ProcessGhosting 技术的 rust 实现版本

Trojantriage ⭐ 5

Trojan Triage parses a collection of malware samples in order to gain knowledge utilizing database analysis, common antivirus, Linux tools and PE file disassembly.

Pe Creator ⭐ 5

Peof Detector ⭐ 5

Little project that use my tiny library to handle PE File EOF Data.

A command-line program that simulates malicious behaviour

Malware Analysis Toolkit ⭐ 5

[IN THE WORKS] Python script designed to provide comprehensive analysis of malware samples, combining static and dynamic analysis techniques to analyse the behaviour and characteristics of analysed malware. Utilises PEfile library and PyREBox (VM sandbox)

Related Searches

1-95 of 95 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.