libpeconv

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

pe-format hooking pe-dumper pe-analyzer libpeconv process-analyzer scans anti-malware pe-sieve malware-analysis memory-forensics

C++ 3.43 k

8 天前

hasherezade / libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

pe-file pe-format libpeconv pe-loader manual-mapping

C++ 1.28 k

4 个月前

hasherezade / dll_to_exe

Converts a DLL into EXE

libpeconv pe-file

C++ 815

2 年前

hasherezade / mal_unpack

Dynamic unpacker based on PE-sieve

libpeconv pe-sieve memory-forensics malware-unpacker malware-analysis

C 754

2 天前

hasherezade / libpeconv_tpl

A ready-made template for a project based on libpeconv.

libpeconv

C++ 46

7 个月前

hasherezade / loaderine

A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.

libpeconv

C 20

7 年前

hasherezade / libpeconv_wrappers

A ready-made template for a new project based on libPeConv library

libpeconv

C++ 7

7 年前

Website
Wikipedia