/pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

Primary LanguageC++BSD 2-Clause "Simplified" LicenseBSD-2-Clause

Watchers