DLL_Imports_BOF
PE DLL inspector
An enumeration tool to inspect PE files and extract information about loaded DLLs and their imported functions
A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
83 stars
3 watching
10 forks
Language: C
last commit: about 3 years ago Related projects:
Repository | Description | Stars |
---|---|---|
espressocake/dll-hijack-search-order-bof | A tool to enumerate the search order of DLL resolution and potentially gain information about a file's mutability. | 141 |
espressocake/process_protection_level_bof | A tool that helps operators determine the protection level of a process before attempting to access its memory | 51 |
espressocake/defender_exclusions-bof | Tools to determine Windows Defender exclusions | 241 |
espressocake/ppldump_bof | A tool for dumping the memory contents of a protected process on Windows | 136 |
espressocake/needle_sift_bof | A tool for searching for specific strings within files using a needle-sift algorithm | 30 |
espressocake/firewall_walker_bof | An exploit technique allowing interaction with Windows software firewall via COM interfaces. | 100 |
boku7/xpipe | This tool lists active Windows pipes and returns their owners and DACL permissions | 75 |
hiddenillusion/analyzepe | Analyzes PE files by combining data from various tools to generate a centralized report. | 204 |
espressocake/self_deletion_bof | BOF implementation of a research concept allowing for controlled deletion of processes | 171 |
espressocake/toggle_token_privileges_bof | A tool to add or remove specific privilege rights from the token of the current process | 52 |
dragon-dreamer/binary-valentine | An executable file analyzer tool that detects security, configuration, optimization, system, and format issues in Windows executables | 18 |
netero1010/servicemove-bof | A tool that exploits a Windows vulnerability to execute arbitrary code on remote systems using a technique called DLL hijacking. | 284 |
petoolse/petools | A toolkit for analyzing and manipulating Portable Executable (PE) files used in Windows applications. | 1,057 |
fzakaria/ebpf-mpls-encap-decap | Demonstrates packet encapsulation and decapsulation with MPLS labels using eBPF | 54 |
med0x2e/sigflip | A tool for modifying signed executable files without invalidating the signature or integrity checks. | 1,094 |