GitHub topics: pe-format
z0mb13w4r/objtools
next-gen replacement for readelf, objdump and objcopy.
Language: C - Size: 511 KB - Last synced at: about 7 hours ago - Pushed at: about 8 hours ago - Stars: 0 - Forks: 0

horsicq/XPEViewer
PE file viewer/editor for Windows, Linux and MacOS.
Language: QMake - Size: 7.46 MB - Last synced at: about 18 hours ago - Pushed at: about 19 hours ago - Stars: 1,079 - Forks: 107

trailofbits/pe-parse
Principled, lightweight C/C++ PE parser
Language: C++ - Size: 696 KB - Last synced at: about 20 hours ago - Pushed at: 6 months ago - Stars: 836 - Forks: 161

guidedhacking/GuidedHacking-Injector
The BEST DLL Injector Library.
Language: C++ - Size: 531 KB - Last synced at: 1 day ago - Pushed at: 13 days ago - Stars: 1,144 - Forks: 237

packing-box/reminder
Implementation of the packing detection heuristic from the paper "Packed PE File Detection for Malware Forensics" of Han et al.
Language: Python - Size: 85 KB - Last synced at: 5 days ago - Pushed at: 5 months ago - Stars: 3 - Forks: 0

packing-box/peid
Python implementation of the Packed Executable iDentifier (PEiD)
Language: Python - Size: 1.29 MB - Last synced at: 5 days ago - Pushed at: 12 months ago - Stars: 139 - Forks: 15

packing-box/docker-packing-box
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
Language: Python - Size: 128 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 57 - Forks: 12

guided-hacking/GuidedHacking-Injector
The BEST DLL Injector Library.
Language: C++ - Size: 23.4 MB - Last synced at: 6 days ago - Pushed at: 8 months ago - Stars: 50 - Forks: 8

MrSmith33/vox
Vox language compiler. AOT / JIT / Linker. Zero dependencies
Language: D - Size: 2.85 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 355 - Forks: 19

hasherezade/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Language: C++ - Size: 131 MB - Last synced at: 13 days ago - Pushed at: 24 days ago - Stars: 3,288 - Forks: 449

hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
Language: C++ - Size: 1.14 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 3,022 - Forks: 184

IsaacMarovitz/pe-parser
PE Parsing, but blazing fast
Language: Rust - Size: 179 KB - Last synced at: 4 days ago - Pushed at: 8 days ago - Stars: 27 - Forks: 6

0xl0/PewParser
multi-platform C++ library and console tool for parsing Portable Executable (PE) files (.exe, .dll)
Language: C++ - Size: 1.54 MB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 0 - Forks: 0

packing-box/dataset-packed-pe (fork of chesvectain/PackingData)
Dataset of packed PE samples
Language: Python - Size: 1.26 GB - Last synced at: 5 days ago - Pushed at: 10 months ago - Stars: 34 - Forks: 7

packing-box/pypackerdetect (fork of cylance/PyPackerDetect)
Packing detection tool for PE files
Language: Python - Size: 424 KB - Last synced at: 1 day ago - Pushed at: 5 months ago - Stars: 24 - Forks: 3

autruonggiang/IE105-FL-Flower
Implementation of a Federated Learning Framework for Portable Executable (PE) Malware Classification.
Language: Jupyter Notebook - Size: 42 MB - Last synced at: 25 days ago - Pushed at: 26 days ago - Stars: 1 - Forks: 0

hasherezade/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Language: C++ - Size: 140 MB - Last synced at: 30 days ago - Pushed at: 2 months ago - Stars: 1,200 - Forks: 188

HoShiMin/formatPE
A bunch of parsers for PE and PDB formats in C++
Language: C++ - Size: 81.1 KB - Last synced at: about 1 month ago - Pushed at: 12 months ago - Stars: 237 - Forks: 49

packing-box/bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
Language: Python - Size: 334 KB - Last synced at: 7 days ago - Pushed at: 5 months ago - Stars: 47 - Forks: 3

jaketae/deep-malware-detection
A neural approach to malware detection in portable executables
Language: Python - Size: 46.6 MB - Last synced at: 16 minutes ago - Pushed at: about 2 years ago - Stars: 79 - Forks: 17

jovibor/Pepper
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Language: C++ - Size: 2.2 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 161 - Forks: 36

hasherezade/IAT_patcher
Persistent IAT hooking application - based on bearparser
Language: C++ - Size: 646 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 254 - Forks: 70

hasherezade/pe-bear-releases
PE-bear (builds only)
Size: 146 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 775 - Forks: 73

Alon-Regev/VeganVirus
A Virus to encourage veganism and deter against eating meat.
Language: C++ - Size: 206 MB - Last synced at: 6 days ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 0

aniko33/pe-packer-x64
A simple template PE Packer (x64)
Language: C - Size: 17.6 KB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 2 - Forks: 0

tgrysztar/fasmg
flat assembler g - adaptable assembly engine
Language: Assembly - Size: 13 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 254 - Forks: 32

jet2jet/pe-library-js
Provides parsing and generating Portable Executable binaries
Language: TypeScript - Size: 1.1 MB - Last synced at: 30 days ago - Pushed at: 9 months ago - Stars: 22 - Forks: 1

packing-box/python-exeplot
Library for plotting executable samples supporting multiple formats
Language: Python - Size: 690 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

Modula-dev/gyb
A bytecode-based cross platform linker
Language: C - Size: 62.5 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

EugeneKirian/checksum
A command line tool to check and correct the Portable Executable (PE) file checksums.
Language: C - Size: 4.88 KB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

svtv/PEDependencyAnalyzer_PeNet
A command-line tool for analyzing and publishing dependencies of Windows PE files (executables and DLLs)
Language: C# - Size: 25.4 KB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

packing-box/packer-masking-tool
Attack tool for altering packed samples so that they evade static packing detection
Language: C++ - Size: 21.3 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 11 - Forks: 1

jovibor/libpe
Library for parsing internal structures of PE32/PE32+ binary files.
Language: C++ - Size: 397 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 160 - Forks: 36

0xAminED/pe-pwn
A Python script for analyzing Portable Executable (PE) files.
Language: Python - Size: 12.7 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

saferwall/pe
A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
Language: Go - Size: 28.6 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 321 - Forks: 48

5h4rrK/PEInsight
PEInsight is a fast and efficient command-line tool for parsing Windows Portable Executable (PE) files, written in C.
Language: C - Size: 36.1 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 3 - Forks: 0

hasherezade/pe2pic
Small visualizer for PE files
Language: Python - Size: 1.38 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 67 - Forks: 15

Fleynaro/SDA
SDA is a rich cross-platform tool for reverse engineering that focuses first on the analysis of computer games. I'm trying to create a mix of Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Language: C++ - Size: 63.3 MB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 131 - Forks: 14

katahiromz/ExeSum
EXE Checksum manipulator
Language: C++ - Size: 5.86 KB - Last synced at: 1 day ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

0xcpu/RElieve
RE scripts, snippets (IDA, lief, gdb, etc.)
Language: Python - Size: 21.5 KB - Last synced at: 3 days ago - Pushed at: about 4 years ago - Stars: 24 - Forks: 7

aliakseis/translator-test-task
Warm greetings to ESET! x86-64 executable creation example
Language: C++ - Size: 411 KB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

phax/gt
GetTyp/GetType/GT2 - legacy file format detector
Language: C++ - Size: 219 MB - Last synced at: about 1 month ago - Pushed at: almost 6 years ago - Stars: 7 - Forks: 2

katahiromz/CodeReverse2
The reverse-engineering tool for Windows executables
Language: C++ - Size: 585 KB - Last synced at: 7 days ago - Pushed at: almost 4 years ago - Stars: 5 - Forks: 4

fafalone/SetPEImageProps
Set PE Image Header Properties
Language: Visual Basic 6.0 - Size: 10.7 KB - Last synced at: 23 days ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 2

joeyzcs/Primitive-DLL-injector
Proof of concept DLL injector utilizing LoadLibraryA
Language: C++ - Size: 1.95 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 1 - Forks: 0

hMihaiDavid/hooks 📦
A DLL that performs IAT hooking
Language: C++ - Size: 9.77 KB - Last synced at: 4 months ago - Pushed at: almost 7 years ago - Stars: 26 - Forks: 7

CausticKirbyZ/CrystalPE
Crystal Lang library for parsing of x64/x86 Windows PE files.
Language: Crystal - Size: 2.74 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

jmcph4/butyl
Binary executable tool
Language: Rust - Size: 9.77 KB - Last synced at: about 1 month ago - Pushed at: over 5 years ago - Stars: 5 - Forks: 1

fafalone/CheckBitness
A simple utility to verify an executable is valid and check whether 32bit/64bit
Language: Visual Basic 6.0 - Size: 3.55 MB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 2

AymenSekhri/MalNet
Machine Learning Malware Detector
Language: Python - Size: 2.65 MB - Last synced at: over 1 year ago - Pushed at: about 2 years ago - Stars: 4 - Forks: 1

KOLANICH-tools/PEHeaderFixer.py 📦
Edits PE file headers. Allows forcing compatibility of a file with Windows XP if it is really compatible but a broken toolchain wrote misinformation. !!! Migrated to Codeberg 🏔️ !!!
Language: Python - Size: 8.79 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

Flawww/Relocation-Reconstructor
Heuristically recover relocations and imports from module memory dumps
Language: C++ - Size: 172 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 1

jnastarot/enma_pe
Cross-platform library for parsing and building PE\PE+ formats
Language: C++ - Size: 769 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 63 - Forks: 23

viorelyo/PE-Dumper
Simple PE Format Parser written in C/C++ using Win32API
Language: C++ - Size: 691 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 1 - Forks: 1

KOLANICH-libs/isExecutable.cpp
A lib to distinguish a shared library from an executable. Mostly for ELF, but some rudimentary (file name extension-based) support for Windows was added.
Language: C++ - Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

AFP33/POEX
POEX is a library to access, load and manipulate PE (Portable Executable) files.
Language: C++ - Size: 60.5 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 1 - Forks: 0

daringjoker/Injector
Inject a new section into a PE executable file
Language: Python - Size: 21.5 KB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 1 - Forks: 0

AnkitaSinha98/Malware-Prediction
A malware prediction model that predicts whether a PE-format file is malicious or legitimate.
Language: Python - Size: 34.3 MB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 4
