pe
There are 224 repositories under pe topic.
DLL-Injector
DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector
checksec.rs
Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
PeFixup
PE File Blessing - To continue or not to continue
shellcode2exe
Batch script to compile a binary shellcode blob into an exe file
CelestialSpark
A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
sf2
Antivirus Signature Search Toolkit
Manual-DLL-Loader
Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually
pelauncher
Portable Executable launcher for Windows NT bypassing loader
php_server_mapper
Win32 PE (dll, sys, exe) remote manual mapper written on PHP with injector-client written on C++20
Cave-Finder
Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
PE-Explorer
PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports
Ressy
Resource editor for PE files
MiniNT5-Tools
small Windows 10 (based on Windows PE) with customised tools
Basic-Rootkit
POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files
addscn
Add an empty section to a PE file
machomachomangler
Tools for mangling Mach-O and PE binaries
FactionsPE
Most advanced factions plugin for PocketMine-MP
zeroimport
ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.
bintests
A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations
buna
An interesting executable file parsing library written by Golang
Prompt-Enhancer
Prompt Engineering at Your Fingertips!
Scylla
Fork of Scylla with additional fixes and Python bindings.
MapPE
PE file mapping and manipulation package.
zcoff
Like dumpbin.exe but cross-platform
tinycc
My tinycc fork: hopefully, better OSX support, EFI targets, and ???
libdrv
Static Library For Windows Drivers
sim-ba
(Sim)ulate (Ba)zar Loader
gopwn
Golang CTF framework and exploit development module
mem64
Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
append_signed_pe
Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.
kar98k_public
pwn & ctf tools for windows
Automated-Malware-Analysis-List
My personal Automated Malware Analysis Sandboxes and Services
PE-Library-x86
PE Library x86
pe-parser
PE Parsing, but blazing fast
win-version-info
Windows-only native addon to read version info from executables.
WhoCalls_C
WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit (PE) and 64-bit (PE32+) file formats (.exe, .dll, .sys)