pe

There are 224 repositories under pe topic.

  • DLL-Injector

    DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector

    Language:C++100

  • checksec.rs

    Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.

    Language:Rust96

  • PeFixup

    PE File Blessing - To continue or not to continue

    Language:Python86

  • shellcode2exe

    Batch script to compile a binary shellcode blob into an exe file

    Language:Batchfile80

  • CelestialSpark

    A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust

    Language:C79
  • sf2

    sf2

    Antivirus Signature Search Toolkit

    Language:Python78

  • Manual-DLL-Loader

    Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually

    Language:C++68

  • pelauncher

    Portable Executable launcher for Windows NT bypassing loader

    Language:C++65

  • php_server_mapper

    Win32 PE (dll, sys, exe) remote manual mapper written on PHP with injector-client written on C++20

    Language:C++63

  • Cave-Finder

    Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files

    Language:C++57

  • PE-Explorer

    PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports

    Language:C++57

  • Ressy

    Resource editor for PE files

    Language:C#56

  • MiniNT5-Tools

    small Windows 10 (based on Windows PE) with customised tools

    Language:C#50

  • Basic-Rootkit

    POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files

    Language:C++49

  • addscn

    Add an empty section to a PE file

    Language:C++49

  • machomachomangler

    Tools for mangling Mach-O and PE binaries

    Language:Python49

  • FactionsPE

    Most advanced factions plugin for PocketMine-MP

    Language:PHP47

  • zeroimport

    ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.

    Language:C++44

  • bintests

    A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations

    43

  • buna

    An interesting executable file parsing library written by Golang

    Language:Go38

  • Prompt-Enhancer

    Prompt Engineering at Your Fingertips!

    Language:Python37

  • Scylla

    Fork of Scylla with additional fixes and Python bindings.

    Language:C++35

  • MapPE

    PE file mapping and manipulation package.

    Language:Go35

  • zcoff

    Like dumpbin.exe but cross-platform

    Language:Zig32

  • tinycc

    My tinycc fork: hopefully, better OSX support, EFI targets, and ???

    Language:C30

  • libdrv

    Static Library For Windows Drivers

    Language:C++29

  • sim-ba

    (Sim)ulate (Ba)zar Loader

    Language:C++29

  • gopwn

    Golang CTF framework and exploit development module

    Language:Go26

  • mem64

    Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.

    Language:Python26

  • append_signed_pe

    Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.

    Language:C++25

  • kar98k_public

    pwn & ctf tools for windows

    Language:Python25

  • Automated-Malware-Analysis-List

    My personal Automated Malware Analysis Sandboxes and Services

    22

  • PE-Library-x86

    PE Library x86

    Language:Assembly20

  • pe-parser

    PE Parsing, but blazing fast

    Language:Rust19

  • win-version-info

    Windows-only native addon to read version info from executables.

    Language:C++18

  • WhoCalls_C

    WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit (PE) and 64-bit (PE32+) file formats (.exe, .dll, .sys)

    Language:C17