#Pe-analyzer
Showing 7 of 7 repositories tagged #pe-analyzer, ranked by stars
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Portable Executable reversing tool with a friendly GUI
Cross-platform library for parsing and building PE\PE+ formats
Modern PE/ARM/.NET analyzer and editor rebuilt with Qt 5.15
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and dissasemble hooks, shellcode, memory regions, modules and processes.
Static file analysis for PE files
Nuitka Assembly analyzer (as well as PyInstaller and other packagers) and native exe-files for extracting metadata, strings, modules, and structures from compiled ones.exe files. It is not a decompiler - it does not restore the source code.