pe-sieve
PE scanner
A tool for detecting and analyzing malicious code in executables
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
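The "in-memory patches" and "hooks" in that description are found by the same basic check: the code section of a module as it sits in the process is compared against a reference copy of the same section built from the file on disk, and any byte run that differs is a patch; runs that start with a control transfer (a `jmp`) are the classic shape of an inline hook. The added example below is not pe-sieve's code; it shows that comparison on a constructed 64-byte "section" and, as a practitioner would want, skips the bytes that relocation fixups legitimately rewrite, since an unrelocated file image would otherwise differ at every absolute address. Names, the sample buffers and the relocation offset are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One modified byte range inside a scanned code section (offsets relative to the section start). */
typedef struct {
    size_t start;
    size_t length;
} patch_t;

/* True if offset `off` lies inside one of the relocation fixups listed in `relocs`.
   Each fixup covers `reloc_size` bytes (4 for a HIGHLOW entry, 8 for a DIR64 entry in a real PE). */
static int in_reloc(size_t off, const size_t *relocs, size_t reloc_count, size_t reloc_size)
{
    for (size_t r = 0; r < reloc_count; r++) {
        if (off >= relocs[r] && off < relocs[r] + reloc_size)
            return 1;
    }
    return 0;
}

/* Compare the in-memory code section `mem` with its reference copy `ref` (the on-disk image,
   mapped the same way). Bytes that a relocation fixup rewrites are ignored, since they
   legitimately differ from the file. Returns the number of patched ranges and writes up to
   `max_out` of them into `out`. */
size_t find_patches(const uint8_t *mem, const uint8_t *ref, size_t len,
                    const size_t *relocs, size_t reloc_count, size_t reloc_size,
                    patch_t *out, size_t max_out)
{
    size_t count = 0, i = 0;
    while (i < len) {
        if (in_reloc(i, relocs, reloc_count, reloc_size) || mem[i] == ref[i]) {
            i++;
            continue;
        }
        size_t start = i;
        while (i < len && !in_reloc(i, relocs, reloc_count, reloc_size) && mem[i] != ref[i])
            i++;
        if (count < max_out) {
            out[count].start = start;
            out[count].length = i - start;
        }
        count++;
    }
    return count;
}

/* Rough classification of a patch by the x86-64 bytes it starts with. Inline hooks almost always
   begin with a transfer of control; anything else is reported as a generic patch. */
const char *classify_patch(const uint8_t *mem, const patch_t *p)
{
    const uint8_t *b = mem + p->start;
    if (p->length >= 5 && b[0] == 0xE9)                 return "jmp rel32 (inline hook)";
    if (p->length >= 6 && b[0] == 0xFF && b[1] == 0x25) return "jmp [rip+disp32] (inline hook)";
    if (p->length >= 12 && b[0] == 0x48 && b[1] == 0xB8 && b[10] == 0xFF && b[11] == 0xE0)
        return "mov rax, imm64; jmp rax (inline hook)";
    if (p->length == 1 && b[0] == 0xCC)                 return "int3 (software breakpoint)";
    return "generic patch";
}

/* Constructed sample (not a real module): a 64-byte section of NOPs, with three changes applied
   to the in-memory copy: an absolute address written by a relocation at offset 8 (benign),
   a 5-byte jmp at offset 16 (hook), and an int3 at offset 40 (patch). */
#define DEMO_LEN 64
static uint8_t demo_ref[DEMO_LEN];
static uint8_t demo_mem[DEMO_LEN];
static patch_t demo_results[8];
static const size_t demo_relocs[] = { 8 };   /* one assumed 4-byte fixup at offset 8 */

size_t run_demo(void)
{
    memset(demo_ref, 0x90, DEMO_LEN);
    memcpy(demo_mem, demo_ref, DEMO_LEN);

    const uint8_t fixup[4] = { 0x00, 0x40, 0x00, 0x00 };   /* loader-applied relocation */
    memcpy(demo_mem + 8, fixup, 4);

    const uint8_t hook[5] = { 0xE9, 0x00, 0x10, 0x00, 0x00 }; /* jmp +0x1000 */
    memcpy(demo_mem + 16, hook, 5);

    demo_mem[40] = 0xCC;                                     /* int3 */

    return find_patches(demo_mem, demo_ref, DEMO_LEN, demo_relocs, 1, 4,
                        demo_results, sizeof demo_results / sizeof demo_results[0]);
}

const char *demo_patch_kind(size_t idx) { return classify_patch(demo_mem, &demo_results[idx]); }

int main(void)
{
    size_t n = run_demo();
    printf("%zu patched range(s)\n", n);
    for (size_t i = 0; i < n; i++)
        printf("  +0x%04zx len %zu: %s\n", demo_results[i].start, demo_results[i].length,
               demo_patch_kind(i));
    return 0;
}
```

Two caveats carry over to a real scanner: the reference copy must be a relocated, section-aligned mapping of the on-disk file (not the raw file bytes), and a byte-level diff splits a hook whose displacement happens to coincide with the original byte, so production tools compare whole instructions or known hook shapes rather than single bytes.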
3k stars
102 watching
434 forks
Language: C++
last commit: 17 days ago
Topics: anti-malware, hooking, libpeconv, malware-analysis, memory-forensics, pe-analyzer, pe-dumper, pe-format, pe-sieve, process-analyzer, scans
Related projects:
Repository | Description | Stars |
---|---|---|
hasherezade/hollows_hunter | Analyzes running processes to detect and dump malicious code | 2,036 |
hasherezade/process_doppelganging | An implementation of Process Doppelgänging, a PE injection technique that runs a payload from a transacted (never committed) file | 580 |
hasherezade/transacted_hollowing | An implementation of Transacted Hollowing, a PE injection technique combining Process Hollowing with Process Doppelgänging | 521 |
hasherezade/mal_unpack | A dynamic unpacker for malicious code, built on PE-sieve's scanning and dumping | 657 |
hasherezade/pe_to_shellcode | Converts PE files into executable shellcode | 2,374 |
lordnoteworthy/al-khaser | A Proof-of-Concept malware application designed to test anti-malware and sandbox systems. | 5,919 |
hasherezade/pe-bear-releases | An open-source tool for analyzing and editing PE file formats | 767 |
projectdiscovery/nuclei | A vulnerability scanner built on YAML templates to identify weaknesses in applications and networks. | 20,687 |
hasherezade/libpeconv | A library for loading and manipulating executable files (PE files) in a low-level way | 1,117 |
anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,861 |
hiddenillusion/analyzepe | Analyzes PE files by combining data from various tools to generate a centralized report. | 204 |
guelfoweb/peframe | Analyzes Portable Executable malware and malicious MS Office documents for various suspicious features | 610 |
stamparm/maltrail | Detects and analyzes malicious traffic patterns to identify potential security threats. | 6,535 |
justicerage/manalyze | A static analyzer for PE files that flags packers, suspicious imports and other indicators of malicious behavior | 1,018 |
anchore/syft | Generates detailed visibility into software packages and dependencies to manage vulnerabilities and license compliance. | 6,287 |