pefile
Here are 50 public repositories matching this topic...
Portable Executable (PE) library written in .Net
-
Updated
May 27, 2024 - C#
HexSpell is an open-source library written in Rust, designed to parse and manipulate executable files, DLLs, and more with minimal dependency overhead.
-
Updated
May 22, 2024 - Rust
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
-
Updated
May 2, 2024 - C#
Fast minimalistic library for Portable Executable file parsing
-
Updated
May 1, 2024 - Python
POC of a better implementation of GetProcAddress for ntdll using binary search
-
Updated
Apr 8, 2024 - C
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
-
Updated
Mar 11, 2024 - C
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
-
Updated
Mar 8, 2024 - C
Crystal Lang library for parsing of x64/x86 Windows PE files.
-
Updated
Feb 19, 2024 - Crystal
Dump certificates from PE files in different formats
-
Updated
Dec 25, 2023 - C#
A command line tool to modify PE file imports on process start
-
Updated
Dec 17, 2023 - C#
Python script that detects PE File EOF Data
-
Updated
Sep 30, 2023 - Python
Small visualizator for PE files
-
Updated
Sep 20, 2023 - Python
Detecting Malware in PE files
-
Updated
Aug 8, 2023 - Jupyter Notebook
[IN THE WORKS] Python script designed to provide comprehensive analysis of malware samples, combining static and dynamic analysis techniques to analyse the behaviour and characteristics of analysed malware. Utilises PEfile library and PyREBox (VM sandbox)
-
Updated
Jul 21, 2023 - Python
Improve this page
Add a description, image, and links to the pefile topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the pefile topic, visit your repo's landing page and select "manage topics."