PE Tools - Portable executable (PE) manipulation toolkit
-
Updated
Apr 4, 2018
PE Tools - Portable executable (PE) manipulation toolkit
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
Portable Executable (PE) library written in .Net
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
Malware Data Science Reading Diary / Notes
POC of a better implementation of GetProcAddress for ntdll using binary search
A Malware classifier dataset built with header fields’ values of Portable Executable files
PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible
A Machine Learning approach for classifying a file as Malicious or Legitimate
Small visualizator for PE files
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
Dump certificates from PE files in different formats
ProcessGhosting 技术的 rust 实现版本
This project is Malware detection API using ML and CNN techniques
Detecting Malware in PE files
Hex Workshop editor's structure library for the Microsoft's Portable Executable format.
Add a description, image, and links to the pefile topic page so that developers can more easily learn about it.
To associate your repository with the pefile topic, visit your repo's landing page and select "manage topics."