pe-format
There are 64 repositories under pe-format topic.
hasherezade/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
hasherezade/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
guidedhacking/GuidedHacking-Injector
The BEST DLL Injector Library.
horsicq/XPEViewer
PE file viewer/editor for Windows, Linux and MacOS.
trailofbits/pe-parse
Principled, lightweight C/C++ PE parser
hasherezade/pe-bear-releases
PE-bear (builds only)
saferwall/pe
A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
MrSmith33/vox
Vox language compiler. AOT / JIT / Linker. Zero dependencies
tgrysztar/fasmg
flat assembler g - adaptable assembly engine
hasherezade/IAT_patcher
Persistent IAT hooking application - based on bearparser
HoShiMin/formatPE
A bunch of parsers for PE and PDB formats in C++
jovibor/Pepper
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
jovibor/libpe
Library for parsing internal structures of PE32/PE32+ binary files.
packing-box/peid
Python implementation of the Packed Executable iDentifier (PEiD)
Fleynaro/SDA
SDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Fatmike-GH/Fatpack
A Windows PE packer for executables (x64) with LZMA compression and with full TLS (Thread Local Storage) support.
jnastarot/enma_pe
Cross-platform library for parsing and building PE\PE+ formats
jaketae/deep-malware-detection
A neural approach to malware detection in portable executables
Fatmike-GH/PELoader
A Windows PE loader / manual mapper for executables (x86 and x64) with full TLS (Thread Local Storage) support.
hasherezade/pe2pic
Small visualizator for PE files
guided-hacking/GuidedHacking-Injector
The BEST DLL Injector Library.
packing-box/docker-packing-box
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
packing-box/bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
Alon-Alush/AlushPacker
PE .exe packer and manual loader for Windows with compression, encryption, and much more
packing-box/dataset-packed-pe
Dataset of packed PE samples
IsaacMarovitz/pe-parser
PE Parsing, but blazing fast
hMihaiDavid/hooks
A DLL that performs IAT hooking
jet2jet/pe-library-js
Provides parsing and generating Portable Executable binaries
packing-box/pypackerdetect
Packing detection tool for PE files
0xcpu/RElieve
scripts, snippets etc.
packing-box/packer-masking-tool
Attack tool for altering packed samples so that they evade static packing detection
Flawww/Relocation-Reconstructor
Heuristically recover relocations and imports from module memory dumps
Alon-Regev/VeganVirus
A Virus to encourage veganism and deter against eating meat.
phax/gt
GetTyp/GetType/GT2 - legacy file format detector
katahiromz/CodeReverse2
The reverse-engineering tool for Windows executables