avast / pe_tools
A cross-platform Python toolkit for parsing/writing PE files.
☆63 Updated 5 months ago
Related projects
Alternatives and complementary repositories for pe_tools
- A ready-made template for a project based on libpeconv. ☆41 Updated 3 weeks ago
- Sample project that encrypts Windows 32-bit executables with a password ☆52 Updated 2 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess ☆85 Updated 9 years ago
- A Python script to download PDB files associated with a Portable Executable (PE) ☆115 Updated 3 months ago
- Lightweight Portable Executable parsing library and a demo peParser application. ☆72 Updated last year
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve ☆57 Updated 2 months ago
- Add an empty section to a PE file ☆49 Updated 7 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET. ☆74 Updated 4 years ago
- Enable / Disable LSA Protection via BYOVD ☆62 Updated 2 years ago
- A code parser for C-style header files that lets you parse function prototypes and the data types used in their parameters. ☆93 Updated 2 years ago
- Collection of DLL function export forwards for DLL export function proxying ☆89 Updated last year
- Enumerate user mode shared memory mappings on Windows. ☆114 Updated 3 years ago
- Yet another Windows DLL injector. ☆38 Updated 2 years ago
- Windows 10 PE image loader (LDR) NTDLL component toolbox ☆41 Updated 5 years ago
- Library and tools to access the Windows Minidump (MDMP) format ☆38 Updated 3 months ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater). ☆84 Updated 2 years ago
- A command-line RPC method enumerator, born out of RPCView's awesomeness ☆98 Updated 5 years ago
- A set of small utilities, helpers for PIN tracers ☆31 Updated last year
- Windows API hashes used in malware ☆38 Updated 9 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original… ☆92 Updated 5 years ago
- Anti-ransomware file-system filter ☆46 Updated 2 months ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API. ☆94 Updated 4 years ago
- Arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system ☆53 Updated 2 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment. ☆148 Updated 4 years ago
- Support Windows OS reversing by searching easily for references to functions across many DLLs ☆33 Updated 2 years ago
- A small library helping to parse command-line parameters (for C/C++) ☆53 Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11, based on NtCreateUserProcess-Post ☆47 Updated 2 months ago