mal_unpack
PE unpacker
A tool to unpack malicious code from packed executables using the PE-sieve technique.
Dynamic unpacker based on PE-sieve
668 stars
29 watching
69 forks
Language: C
last commit: 11 months ago
Linked from 1 awesome list
libpeconvmalware-analysismalware-unpackermemory-forensicspe-sieve
Related projects:
| Repository | Description | Stars |
|---|---|---|
| hasherezade/libpeconv | A C++ library that provides a set of helper functions for loading, manipulating, and dumping PE files. | 1,129 |
| hasherezade/bearparser | A C++ library for parsing Portable Executable files | 647 |
| hasherezade/pe-bear-releases | An open-source tool for analyzing and editing PE file formats | 772 |
 malwaremusings/unpacker | Automated malware analysis tool | 118 |
 packing-box/pypackerdetect | Detects whether an executable is packed using various methods and signatures. | 21 |
 yurisizuku/win-simpledpack | A tool for packaging Windows executable files into a compressed format using LZMA compression and relocating shell code to an external DLL. | 110 |
 strazzere/android-unpacker | A tool designed to reverse-engineer and analyze Android malware by unpacking and disassembling APK files | 1,129 |
 phra/pezor | A tool for obfuscating and packing executable files to evade antivirus detection and security measures | 1,869 |
| hasherezade/transacted_hollowing | An implementation of a memory-based PE injection technique for executing payloads in a target process | 521 |
 samlarenn/pepacker | A tool for encrypting and obfuscating .text sections of executable files. | 49 |
 czs108/windows-pe-packer | A tool that packs Windows executable files to make them harder to reverse-engineer | 330 |
 crackinglandia/fuu | A GUI tool with plugins to unpack and decrypt software protected by various compression and encryption algorithms. | 46 |
 phat3/pindemonium | An unpacker tool that uses the PIN technology to analyze and dissect Windows executables. | 229 |
 egebalci/amber | Creates reflective PE files that can be executed in memory without being written to disk | 1,208 |
 kevoreilly/capev2 | A tool to extract configuration and payload from malware by analyzing its behavior in a sandboxed environment. | 2,043 |