avast / pe_tools
A cross-platform Python toolkit for parsing/writing PE files.
☆63Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for pe_tools
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆57Updated 3 months ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆75Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆47Updated 2 months ago
- Enabled / Disable LSA Protection via BYOVD☆62Updated 2 years ago
- A ready-made template for a project based on libpeconv.☆41Updated last month
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆85Updated 9 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆34Updated 4 years ago
- ☆17Updated 3 years ago
- A set of small utilities, helpers for PIN tracers☆31Updated last year
- Collection of DLL function export forwards for DLL export function proxying☆91Updated last year
- Sample project that encrypts windows 32-bit executables with password☆52Updated 2 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆53Updated 3 years ago
- ☆98Updated 2 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 3 years ago
- Resolve DOS MZ executable symbols at runtime☆93Updated 3 years ago
- Add an empty section to a PE file☆50Updated 7 years ago
- x86 and x64 assembly "read-eval-print loop" for Windows☆26Updated 7 years ago
- Library and tools to access the Windows Minidump (MDMP) format☆38Updated 4 months ago
- ☆65Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆74Updated 4 years ago
- Windows PDB Parser using Imagehlp library.☆16Updated 2 years ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- Samples from my book Windows Native API programming☆57Updated 4 months ago
- Finding Truth in the Shadows☆84Updated last year
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆36Updated 2 years ago
- ☆27Updated 2 years ago
- Example of building an application verifer DLL☆44Updated 5 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆49Updated last year
- ☆28Updated 6 years ago