#Pe-dumper
Showing 4 of 4 repositories tagged #pe-dumper, ranked by stars
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
M3MX Unified memory forensics workbench powered by Volatility manual & automated analysis, MITRE ATT&CK mapping, and an AI agent, all in your browser.
Generic Themida/WinLicense payload extractor. Launches protected PE as suspended process, detects section decryption, dumps unpacked binary with fixed headers, and scans process memory for IOCs. Supports EXE and DLL targets (x86/x64).
VMProtect payload extractor with IAT reconstruction. Monitors section unpacking, dumps PE with fixed headers, reconstructs imports via module export enumeration, and scans heap for IOCs. Supports EXE and DLL targets (x86/x64).