Topic: "pe-file"
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
Language: C++ - Size: 1.04 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 3,004 - Forks: 184
hasherezade/pe_to_shellcode
Converts PE into a shellcode
Language: C++ - Size: 156 KB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 2,518 - Forks: 450
hasherezade/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Language: C++ - Size: 140 MB - Last synced at: 11 days ago - Pushed at: about 2 months ago - Stars: 1,200 - Forks: 188
hasherezade/dll_to_exe
Converts a DLL into EXE
Language: C++ - Size: 38.1 KB - Last synced at: 20 days ago - Pushed at: almost 2 years ago - Stars: 807 - Forks: 170
mentebinaria/readpe
The PE file analysis toolkit
Language: C - Size: 2.32 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 720 - Forks: 133
saferwall/pe
A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
Language: Go - Size: 28.6 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 321 - Forks: 48
hasherezade/IAT_patcher
Persistent IAT hooking application - based on bearparser
Language: C++ - Size: 646 KB - Last synced at: 16 days ago - Pushed at: over 2 years ago - Stars: 254 - Forks: 70
HoShiMin/formatPE
A bunch of parsers for PE and PDB formats in C++
Language: C++ - Size: 81.1 KB - Last synced at: 17 days ago - Pushed at: 11 months ago - Stars: 237 - Forks: 49
jovibor/Pepper
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Language: C++ - Size: 2.2 MB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 161 - Forks: 36
xoofx/LibObjectFile
LibObjectFile is a .NET library to read, manipulate and write linker and executable object files (e.g ELF, PE, DWARF, ar...)
Language: C# - Size: 3.12 MB - Last synced at: 15 days ago - Pushed at: 6 months ago - Stars: 161 - Forks: 11
jovibor/libpe
Library for parsing internal structures of PE32/PE32+ binary files.
Language: C++ - Size: 397 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 160 - Forks: 36
packing-box/peid
Python implementation of the Packed Executable iDentifier (PEiD)
Language: Python - Size: 1.29 MB - Last synced at: 17 days ago - Pushed at: 11 months ago - Stars: 136 - Forks: 15
jaketae/deep-malware-detection
A neural approach to malware detection in portable executables
Language: Python - Size: 46.6 MB - Last synced at: 23 days ago - Pushed at: about 2 years ago - Stars: 78 - Forks: 17
vic4key/QLoader
QLoader is a PE loader creator that helps you quickly create a non-exe loader for application
Language: C++ - Size: 2.57 MB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 78 - Forks: 22
hasherezade/ViDi
ViDi Visual Disassembler (experimental)
Language: C++ - Size: 226 KB - Last synced at: 18 days ago - Pushed at: about 2 years ago - Stars: 76 - Forks: 23
vic4key/Vutils
Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster, and simpler.
Language: C++ - Size: 5.72 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 68 - Forks: 24
hasherezade/pe2pic
Small visualizator for PE files
Language: Python - Size: 1.38 MB - Last synced at: 18 days ago - Pushed at: over 1 year ago - Stars: 67 - Forks: 15
andyjsmith/Exe-Spy
ExeSpy is a cross-platform PE viewer for EXE and DLL files
Language: Python - Size: 3.31 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 61 - Forks: 20
hMihaiDavid/addscn 📦
Add an empty section to a PE file
Language: C++ - Size: 19.5 KB - Last synced at: 3 months ago - Pushed at: over 7 years ago - Stars: 52 - Forks: 17
dotnet/metadata-tools
Contains tools for metadata, such as Roslyn's metadata visualizer.
Language: C# - Size: 1000 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 50 - Forks: 28
packing-box/bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
Language: Python - Size: 334 KB - Last synced at: 19 days ago - Pushed at: 5 months ago - Stars: 46 - Forks: 3
packing-box/dataset-packed-pe Fork of chesvectain/PackingData
Dataset of packed PE samples
Language: Python - Size: 1.26 GB - Last synced at: 5 months ago - Pushed at: 9 months ago - Stars: 29 - Forks: 6
packing-box/pypackerdetect Fork of cylance/PyPackerDetect
Packing detection tool for PE files
Language: Python - Size: 424 KB - Last synced at: 18 days ago - Pushed at: 5 months ago - Stars: 23 - Forks: 3
JohnTroony/PE-CodeCaving
Work files for my blog post "Code Caving in a PE file.
Size: 17.8 MB - Last synced at: about 1 year ago - Pushed at: over 8 years ago - Stars: 16 - Forks: 10
levanvn/PE_Packer
Simple Packer PE File
Language: C++ - Size: 95.6 MB - Last synced at: 5 months ago - Pushed at: about 6 years ago - Stars: 15 - Forks: 5
Alex4386-vault/pe-parser 📦
PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @pay1oad-repo
Language: C++ - Size: 846 KB - Last synced at: 8 days ago - Pushed at: 9 months ago - Stars: 11 - Forks: 1
StackOverflowExcept1on/anonlink
Command line tool to automatically patch link.exe to remove Rich PE Header
Language: Rust - Size: 31.3 KB - Last synced at: 17 days ago - Pushed at: 8 months ago - Stars: 6 - Forks: 0
jmcph4/butyl
Binary executable tool
Language: Rust - Size: 9.77 KB - Last synced at: 17 days ago - Pushed at: over 5 years ago - Stars: 5 - Forks: 1
yunamari/iat-editor
loads a dll and changes an imported function entry specified in the dynamically specified dll (with its rva) in the program whose pid was previously specified
Language: C++ - Size: 1.84 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 4 - Forks: 0
fafalone/CheckBitness
A simple utility to verify an executable is valid and check whether 32bit/64bit
Language: Visual Basic 6.0 - Size: 3.55 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 2
zakuciael/cfv
Cross-platform node.js library that can extracts file versions from a valid PE file (.exe)
Language: TypeScript - Size: 66.4 KB - Last synced at: 17 days ago - Pushed at: almost 4 years ago - Stars: 3 - Forks: 1
vic4key/Dependency-Walker
Dependency Walker - a tool that recursive listing and fixing-up dependencies of a PE file
Language: Python - Size: 498 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 3 - Forks: 2
jmcph4/PEek
PEek is a simple PE file viewer.
Language: C - Size: 26.4 KB - Last synced at: 12 days ago - Pushed at: over 7 years ago - Stars: 3 - Forks: 1
packing-box/reminder
Implementation of the packing detection heuristic from the paper "Packed PE File Detection for Malware Forensics" of Han et al.
Language: Python - Size: 85 KB - Last synced at: 18 days ago - Pushed at: 5 months ago - Stars: 2 - Forks: 0
fafalone/SetPEImageProps
Set PE Image Header Properties
Language: Visual Basic 6.0 - Size: 10.7 KB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 2
jcfromsiberia/SymSeek
Desktop application for searching symbols within binaries
Language: C++ - Size: 175 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 0
prabormukherjee/Antivirus
A basic malware detector using Machine Learning
Language: Python - Size: 12.7 MB - Last synced at: almost 2 years ago - Pushed at: over 4 years ago - Stars: 2 - Forks: 1
autruonggiang/IE105-FL-Flower
Implementation of a Federated Learning Framework for Portable Executable (PE) Malware Classification.
Language: Jupyter Notebook - Size: 42 MB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 1 - Forks: 0
EugeneKirian/checksum
A command line tool to check and correct the Portable Executable (PE) file checksums.
Language: C - Size: 4.88 KB - Last synced at: 29 days ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0
0xAminED/pe-pwn
A Python script for analyzing Portable Executable (PE) files.
Language: Python - Size: 12.7 KB - Last synced at: 22 days ago - Pushed at: 5 months ago - Stars: 1 - Forks: 0
andrey-perevitskiy/pe-explorer
Portable Executable files explorer
Language: C - Size: 21.5 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 1 - Forks: 1
AFP33/POEX
POEX is a library to access, load and manipulate PE (Portable Executable) files.
Language: C++ - Size: 60.5 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 1 - Forks: 0
op2gs2/Capstone
Service of CNN model based Windows malware detection and PE file analysis
Language: Jupyter Notebook - Size: 1.02 GB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 1 - Forks: 0
BarakAharoni/PEFA
PE File Analysis tool
Language: Python - Size: 699 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0
0cherry/FunctionExtractor
Function Extracting Tool in .dll file
Language: C - Size: 270 KB - Last synced at: about 1 year ago - Pushed at: almost 6 years ago - Stars: 1 - Forks: 2
nathan-osman/pedeconstructor
Viewer for Win32 PE files
Language: C++ - Size: 18.6 KB - Last synced at: 2 months ago - Pushed at: over 7 years ago - Stars: 1 - Forks: 0
paultheal1en/Convert-PE-file-using-IDA-Pro-to-asm-and-bytes
A PowerShell script to convert PE (Portable Executable) files into ASM (Assembly) and raw byte code using IDA Pro. Designed for reverse engineering, malware analysis, and security research
Language: PowerShell - Size: 6.84 KB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0
svtv/PEDependencyAnalyzer_PeNet
A command-line tool for analyzing and publishing dependencies of Windows PE files (executables and DLLs)
Language: C# - Size: 25.4 KB - Last synced at: 24 days ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0
CausticKirbyZ/CrystalPE
Crystal Lang library for parsing of x64/x86 Windows PE files.
Language: Crystal - Size: 2.74 MB - Last synced at: 24 days ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
KOLANICH-libs/isExecutable.cpp
A lib to distinguish a shared library from an executable. Mostly for ELF, but some rudimentary (file name extension-based) support of windows was added.
Language: C++ - Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
kadzicu-hacker/RunPE
Run PE(exe) file in memory
Language: C++ - Size: 6.84 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
kadzicu-hacker/CallAPI
hidden calls to Windows API functions
Language: C++ - Size: 30.3 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
aliakseis/translator-test-task
Warm greetings to ESET! x86-64 executable creation example
Language: C++ - Size: 411 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0
nathan-osman/win32pe
C++ library for working with Win32 PE files
Language: C++ - Size: 76.2 KB - Last synced at: 2 months ago - Pushed at: almost 6 years ago - Stars: 0 - Forks: 2
JonathonReinhart/pebrowser
PE File Browser (.NET)
Language: C# - Size: 108 KB - Last synced at: about 1 month ago - Pushed at: over 7 years ago - Stars: 0 - Forks: 0
