Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: pefile
secana/PeNet
Portable Executable (PE) library written in .Net
Language: C# - Size: 18.3 MB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 568 - Forks: 110
M3str3/HexSpell
HexSpell is an open-source library written in Rust, designed to parse and manipulate executable files, DLLs, and more with minimal dependency overhead.
Language: Rust - Size: 115 KB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 1 - Forks: 0
87owo/PYAS
Python Antivirus Software
Language: Python - Size: 953 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 113 - Forks: 16
unipacker/unipacker
Automatic and platform-independent unpacker for Windows binaries based on emulation
Language: Python - Size: 8.58 MB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 607 - Forks: 74
petoolse/petools
PE Tools - Portable executable (PE) manipulation toolkit
Size: 346 KB - Last synced: 10 days ago - Pushed: about 6 years ago - Stars: 963 - Forks: 130
CausticKirbyZ/CrystalPE
Crystal Lang library for parsing of x64/x86 Windows PE files.
Language: Crystal - Size: 2.74 MB - Last synced: 20 days ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
chaverex/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Language: C# - Size: 59.6 KB - Last synced: 23 days ago - Pushed: 24 days ago - Stars: 0 - Forks: 0
secana/CertDump
Dump certificates from PE files in different formats
Language: C# - Size: 154 KB - Last synced: 24 days ago - Pushed: 5 months ago - Stars: 35 - Forks: 5
dfint/peclasses
Fast minimalistic library for Portable Executable file parsing
Language: Python - Size: 146 KB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 0 - Forks: 0
secana/PEditor
View and edit Portable Exexutable (PE) files.
Language: C# - Size: 88.9 KB - Last synced: 24 days ago - Pushed: almost 5 years ago - Stars: 7 - Forks: 4
urwithajit9/ClaMP
A Malware classifier dataset built with header fields’ values of Portable Executable files
Language: YARA - Size: 1.75 MB - Last synced: 24 days ago - Pushed: over 1 year ago - Stars: 86 - Forks: 31
cylance/PyPackerDetect
A malware dataset curation tool which helps identify packed samples.
Language: Python - Size: 341 KB - Last synced: 10 days ago - Pushed: over 5 years ago - Stars: 28 - Forks: 19
hasherezade/transacted_hollowing
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
Language: C - Size: 204 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 483 - Forks: 72
bugourmet/pypeof
Python script that detects PE File EOF Data
Language: Python - Size: 11.7 KB - Last synced: 2 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0
0cherry/PackerIdentificator
packer identification tool using SVM
Language: Python - Size: 31.8 MB - Last synced: 2 months ago - Pushed: almost 5 years ago - Stars: 2 - Forks: 1
hasherezade/process_ghosting
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
Language: C - Size: 70.3 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 589 - Forks: 115
CybercentreCanada/assemblyline-service-pefile 📦
Assemblyline 4 PE File analysis service
Language: Python - Size: 135 KB - Last synced: 3 months ago - Pushed: over 1 year ago - Stars: 2 - Forks: 4
87owo/PYAE
Python Antivirus Engine Scanner
Language: Python - Size: 160 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 0
lowleveldesign/importando
A command line tool to modify PE file imports on process start
Language: C# - Size: 42 KB - Last synced: 28 days ago - Pushed: 5 months ago - Stars: 3 - Forks: 1
0x00Jeff/BetterGetProcAddress
POC of a better implementation of GetProcAddress for ntdll using binary search
Language: C - Size: 7.28 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 96 - Forks: 14
0xlane/process_ghosting
ProcessGhosting 技术的 rust 实现版本
Language: Rust - Size: 969 KB - Last synced: 5 days ago - Pushed: over 1 year ago - Stars: 21 - Forks: 5
Yxdav/PEPY
A simple program that parses PE files...
Language: Python - Size: 76.2 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 0 - Forks: 0
levanvn/Shellcode_Infection
Shellcode for infect PEFile
Language: Assembly - Size: 227 KB - Last synced: 7 months ago - Pushed: over 5 years ago - Stars: 2 - Forks: 0
ReFo0/process-dumper
process dumper
Language: C - Size: 180 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 9 - Forks: 2
surajr/Machine-Learning-approach-for-Malware-Detection
A Machine Learning approach for classifying a file as Malicious or Legitimate
Language: Jupyter Notebook - Size: 11.3 MB - Last synced: 7 months ago - Pushed: over 7 years ago - Stars: 70 - Forks: 49
hasherezade/pe2pic
Small visualizator for PE files
Language: Python - Size: 1.38 MB - Last synced: 5 months ago - Pushed: 8 months ago - Stars: 64 - Forks: 14
karust/mlmc
Binary classification of PE files using neural network
Language: Python - Size: 50.6 MB - Last synced: about 1 month ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
DasariJayanth/Malware-Detection-in-PE-files-using-Machine-Learning
Detecting Malware in PE files
Language: Jupyter Notebook - Size: 134 MB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 10 - Forks: 5
omarghader/pefile-go
Golang port of pefile
Language: Python - Size: 2.02 MB - Last synced: 10 months ago - Pushed: almost 7 years ago - Stars: 22 - Forks: 12
Kairos-T/Malware-Analysis-Toolkit
[IN THE WORKS] Python script designed to provide comprehensive analysis of malware samples, combining static and dynamic analysis techniques to analyse the behaviour and characteristics of analysed malware. Utilises PEfile library and PyREBox (VM sandbox)
Language: Python - Size: 35.2 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 5 - Forks: 3
avdhoot0303/Malware-detection-of-PE-files
This project is Malware detection API using ML and CNN techniques
Language: Jupyter Notebook - Size: 7.78 MB - Last synced: 11 months ago - Pushed: about 1 year ago - Stars: 17 - Forks: 6
foiscs/PEViewer
PE file (DOS, NT, Section) Header Viewer
Language: C++ - Size: 16.6 KB - Last synced: 11 months ago - Pushed: 11 months ago - Stars: 0 - Forks: 0
damieng/binarycpu
Identify the processor architecture of binary files
Language: JavaScript - Size: 10.7 KB - Last synced: about 1 month ago - Pushed: over 2 years ago - Stars: 1 - Forks: 0
Muddanak/pe-fe
Analyze a pefile, written in Rust
Language: Rust - Size: 128 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
morgenm/unpadit
Tool for Removing Binary Padding from PEs
Language: Rust - Size: 8.79 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
Hagrid29/herpaderply_hollowing
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
Language: C - Size: 911 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 17 - Forks: 7
aj-tap/mr.roboto
Malware analysis scripts written in Python. Scripts include unpacking zip samples, string extraction, and query VT hashes of samples.
Language: Python - Size: 180 MB - Last synced: 11 months ago - Pushed: over 1 year ago - Stars: 7 - Forks: 0
hija/MalwareDataScience
Malware Data Science Reading Diary / Notes
Language: Jupyter Notebook - Size: 1.24 MB - Last synced: about 1 year ago - Pushed: about 5 years ago - Stars: 96 - Forks: 34
hylkepostma/metadater 📦
Package for Python providing an easy way to get a (Windows) app's version and other metadata from GIT (during development) or PE (Portable Executable) (after freezing).
Language: Python - Size: 46.9 KB - Last synced: 17 days ago - Pushed: over 3 years ago - Stars: 2 - Forks: 1
ins1gn1a/Frampton
PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible
Language: Python - Size: 164 KB - Last synced: about 1 year ago - Pushed: over 4 years ago - Stars: 59 - Forks: 14
kn0t3k/pe-randomizer
This is a simple utility that can randomize some properties of a PE file.
Language: Rust - Size: 14.6 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
malice-plugins/pescan
Malice PExecutable Plugin
Language: Python - Size: 320 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 12 - Forks: 10
keowu/pefixerextreme
My personal PE Fixer that allows you to patch a raw PE dump to a fully patched and working PE dump that will help your analysis.
Language: C++ - Size: 54 MB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 6 - Forks: 0
DmAlexx/count-entropy-of-PE-files
Binary read the file, Count file entropy, Exit by pressing ESC (WINAPI)
Language: C++ - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
JakePeralta7/PE-Analyzer-GUI
This Program Analyzes PE Fies Using Python
Language: Python - Size: 188 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 2 - Forks: 1
emr4h/Malware-Detection-Using-Machine-Learning
This project analyzes PE information of exe files to detect malware. In this repository you will learn how to create your own dataset and will be able to see the use of machine learning models using the dataset. We will use machine learning for detect malware.
Language: Jupyter Notebook - Size: 586 KB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 3 - Forks: 2
cloudtracer/pefile.pypy
Pypy.js compatible version of pefile.py for use in offline browser implementation
Language: Python - Size: 8.39 MB - Last synced: about 1 year ago - Pushed: over 7 years ago - Stars: 8 - Forks: 4
apriorit/portable-executable-library Fork of BackupGGCode/portable-executable-library
PE Bliss - Cross-Platform Portable Executable C++ Library
Language: C++ - Size: 1000 KB - Last synced: about 1 year ago - Pushed: over 6 years ago - Stars: 15 - Forks: 8