An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: pefile

DeAriasn/Simple-RunPE-Process-Hollowing

The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.

Language: C# - Size: 49.8 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

iseki0/Executables

Library for parsing executable/object files (including PE version info and virtual memory), in Kotlin Multiplatform.

Language: Kotlin - Size: 3.24 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 9 - Forks: 0

secana/PeNet

Portable Executable (PE) library written in .NET

Language: C# - Size: 18.7 MB - Last synced at: 6 days ago - Pushed at: 9 days ago - Stars: 611 - Forks: 119

unipacker/unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

Language: Python - Size: 8.58 MB - Last synced at: 9 days ago - Pushed at: 7 months ago - Stars: 687 - Forks: 85

cybersecurity-dev/PE-Static-Toolkit

PE Static Toolkit | Portable Executable (PE) Analysing Toolkit

Language: Python - Size: 21.5 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 1 - Forks: 0

87owo/PYAS

Python Antivirus Software

Language: Python - Size: 1.24 GB - Last synced at: 16 days ago - Pushed at: about 2 months ago - Stars: 157 - Forks: 24

Kareasst/Simple-RunPE-Process-Hollowing

The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.

Language: C# - Size: 221 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 2 - Forks: 0

hasherezade/transacted_hollowing

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

Language: C - Size: 204 KB - Last synced at: 16 days ago - Pushed at: about 1 year ago - Stars: 538 - Forks: 81

hasherezade/process_ghosting

Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

Language: C - Size: 70.3 KB - Last synced at: 17 days ago - Pushed at: about 1 year ago - Stars: 652 - Forks: 117

petoolse/petools

PE Tools - Portable executable (PE) manipulation toolkit

Size: 346 KB - Last synced at: about 1 month ago - Pushed at: about 7 years ago - Stars: 1,081 - Forks: 136

Tastortist/Simple-RunPE-Process-Hollowing

The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.

Language: C# - Size: 229 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

lowleveldesign/importando

A command line tool to modify PE file imports on process start

Language: C# - Size: 42 KB - Last synced at: 12 days ago - Pushed at: over 1 year ago - Stars: 5 - Forks: 2

0xlane/process_ghosting

Rust implementation of the ProcessGhosting technique

Language: Rust - Size: 969 KB - Last synced at: 11 days ago - Pushed at: 6 months ago - Stars: 25 - Forks: 6

M3str3/HexSpell

HexSpell is an open-source library written in Rust, designed to parse and manipulate executable files, DLLs, and more with minimal dependency overhead.

Language: Rust - Size: 161 KB - Last synced at: 11 days ago - Pushed at: 3 months ago - Stars: 6 - Forks: 0

dfint/peclasses

Fast minimalistic library for Portable Executable format parsing + ctypes structures in dataclass style

Language: Python - Size: 235 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

secana/CertDump

Dump certificates from PE files in different formats

Language: C# - Size: 154 KB - Last synced at: 16 days ago - Pushed at: over 1 year ago - Stars: 38 - Forks: 5

eersoy93/PyWinEmu

Another attempt to implement old Windows EXE emulation for Linux in Python.

Language: Python - Size: 7.81 KB - Last synced at: 7 days ago - Pushed at: 4 months ago - Stars: 3 - Forks: 0

abinba/pe-analyzer

Preprocessor of PE (Portable Executable) files (dll, exe) using Spark.

Language: Python - Size: 109 KB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

ReFo0/process-dumper

process dumper

Language: C - Size: 180 KB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 9 - Forks: 3

hasherezade/pe2pic

Small visualizer for PE files

Language: Python - Size: 1.38 MB - Last synced at: 15 days ago - Pushed at: over 1 year ago - Stars: 67 - Forks: 15

Siysyter/Simple-RunPE-Process-Hollowing

The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.

Language: C# - Size: 1 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 4 - Forks: 0

omarghader/pefile-go

Golang port of pefile

Language: Python - Size: 2.02 MB - Last synced at: 5 months ago - Pushed at: almost 8 years ago - Stars: 23 - Forks: 12

Muddanak/pe-fe

Analyze a pefile, written in Rust

Language: Rust - Size: 136 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

hylkepostma/metadater 📦

Package for Python providing an easy way to get a (Windows) app's version and other metadata from GIT (during development) or PE (Portable Executable) (after freezing).

Language: Python - Size: 46.9 KB - Last synced at: 18 days ago - Pushed at: over 4 years ago - Stars: 3 - Forks: 1

malice-plugins/pescan

Malice PExecutable Plugin

Language: Python - Size: 320 KB - Last synced at: 10 days ago - Pushed at: about 4 years ago - Stars: 16 - Forks: 11

keowu/pefixerextreme

My personal PE Fixer that allows you to patch a raw PE dump to a fully patched and working PE dump that will help your analysis.

Language: C++ - Size: 54 MB - Last synced at: 14 days ago - Pushed at: about 3 years ago - Stars: 10 - Forks: 1

secana/PEditor

View and edit Portable Executable (PE) files.

Language: C# - Size: 88.9 KB - Last synced at: 16 days ago - Pushed at: almost 6 years ago - Stars: 7 - Forks: 4

urwithajit9/ClaMP

A Malware classifier dataset built with header fields’ values of Portable Executable files

Language: YARA - Size: 1.75 MB - Last synced at: 12 months ago - Pushed at: over 2 years ago - Stars: 86 - Forks: 31

cylance/PyPackerDetect

A malware dataset curation tool which helps identify packed samples.

Language: Python - Size: 341 KB - Last synced at: 11 months ago - Pushed at: over 6 years ago - Stars: 28 - Forks: 19

bugourmet/pypeof

Python script that detects PE File EOF Data

Language: Python - Size: 11.7 KB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

0cherry/PackerIdentificator

packer identification tool using SVM

Language: Python - Size: 31.8 MB - Last synced at: about 1 year ago - Pushed at: almost 6 years ago - Stars: 2 - Forks: 1

CybercentreCanada/assemblyline-service-pefile 📦

Assemblyline 4 PE File analysis service

Language: Python - Size: 135 KB - Last synced at: about 1 year ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 4

CausticKirbyZ/CrystalPE

Crystal Lang library for parsing of x64/x86 Windows PE files.

Language: Crystal - Size: 2.74 MB - Last synced at: 22 days ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

87owo/PYAE

Python Antivirus Engine Scanner

Language: Python - Size: 168 MB - Last synced at: 16 days ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

0x00Jeff/BetterGetProcAddress

POC of a better implementation of GetProcAddress for ntdll using binary search

Language: C - Size: 7.28 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 96 - Forks: 14

Yxdav/PEPY

A simple program that parses PE files...

Language: Python - Size: 76.2 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

levanvn/Shellcode_Infection

Shellcode for infecting PEFile

Language: Assembly - Size: 227 KB - Last synced at: over 1 year ago - Pushed at: over 6 years ago - Stars: 2 - Forks: 0

surajr/Machine-Learning-approach-for-Malware-Detection

A Machine Learning approach for classifying a file as Malicious or Legitimate

Language: Jupyter Notebook - Size: 11.3 MB - Last synced at: over 1 year ago - Pushed at: over 8 years ago - Stars: 70 - Forks: 49

aj-tap/mr.roboto

Malware analysis scripts written in Python. Scripts include unpacking zip samples, string extraction, and query VT hashes of samples.

Language: Python - Size: 180 MB - Last synced at: 9 days ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 0

karust/mlmc

Binary classification of PE files using neural network

Language: Python - Size: 50.6 MB - Last synced at: about 1 year ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

DasariJayanth/Malware-Detection-in-PE-files-using-Machine-Learning

Detecting Malware in PE files

Language: Jupyter Notebook - Size: 134 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 10 - Forks: 5

Kairos-T/Malware-Analysis-Toolkit

[IN THE WORKS] Python script designed to provide comprehensive analysis of malware samples, combining static and dynamic analysis techniques to analyse the behaviour and characteristics of analysed malware. Utilises PEfile library and PyREBox (VM sandbox)

Language: Python - Size: 35.2 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 5 - Forks: 3

avdhoot0303/Malware-detection-of-PE-files

This project is Malware detection API using ML and CNN techniques

Language: Jupyter Notebook - Size: 7.78 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 17 - Forks: 6

foiscs/PEViewer

PE file (DOS, NT, Section) Header Viewer

Language: C++ - Size: 16.6 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

damieng/binarycpu

Identify the processor architecture of binary files

Language: JavaScript - Size: 10.7 KB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

morgenm/unpadit

Tool for Removing Binary Padding from PEs

Language: Rust - Size: 8.79 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0

Hagrid29/herpaderply_hollowing

Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

Language: C - Size: 911 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 17 - Forks: 7

hija/MalwareDataScience

Malware Data Science Reading Diary / Notes

Language: Jupyter Notebook - Size: 1.24 MB - Last synced at: about 2 years ago - Pushed at: almost 6 years ago - Stars: 96 - Forks: 34

ins1gn1a/Frampton

PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible

Language: Python - Size: 164 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 59 - Forks: 14

kn0t3k/pe-randomizer

This is a simple utility that can randomize some properties of a PE file.

Language: Rust - Size: 14.6 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

DmAlexx/count-entropy-of-PE-files

Binary read the file, Count file entropy, Exit by pressing ESC (WINAPI)

Language: C++ - Size: 6.84 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

JakePeralta7/PE-Analyzer-GUI

This Program Analyzes PE Files Using Python

Language: Python - Size: 188 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 1

emr4h/Malware-Detection-Using-Machine-Learning

This project analyzes PE information of exe files to detect malware. In this repository you will learn how to create your own dataset and will be able to see the use of machine learning models using the dataset. We will use machine learning to detect malware.

Language: Jupyter Notebook - Size: 586 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 3 - Forks: 2

cloudtracer/pefile.pypy

Pypy.js compatible version of pefile.py for use in offline browser implementation

Language: Python - Size: 8.39 MB - Last synced at: about 2 years ago - Pushed at: over 8 years ago - Stars: 8 - Forks: 4

apriorit/portable-executable-library (fork of BackupGGCode/portable-executable-library)

PE Bliss - Cross-Platform Portable Executable C++ Library

Language: C++ - Size: 1000 KB - Last synced at: about 2 years ago - Pushed at: about 7 years ago - Stars: 15 - Forks: 8