libpeconv · GitHub Topics

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

pe-format hooking pe-dumper pe-analyzer libpeconv process-analyzer scans anti-malware pe-sieve malware-analysis memory-forensics

C++ 3.34 k

22 天前

hasherezade / libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

pe-file pe-format libpeconv pe-loader manual-mapping

C++ 1.23 k

22 天前

hasherezade / dll_to_exe

Converts a DLL into EXE

libpeconv pe-file

C++ 814

2 年前

hasherezade / mal_unpack

Dynamic unpacker based on PE-sieve

libpeconv pe-sieve memory-forensics malware-unpacker malware-analysis

C 736

20 天前

hasherezade / libpeconv_tpl

A ready-made template for a project based on libpeconv.

libpeconv

C++ 48

4 个月前

hasherezade / loaderine

A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.

libpeconv

C 19

7 年前

hasherezade / libpeconv_wrappers

A ready-made template for a new project based on libPeConv library

libpeconv

C++ 7

7 年前