avast / pe_toolsLinks
A cross-platform Python toolkit for parsing/writing PE files.
☆67Updated last year
Alternatives and similar repositories for pe_tools
Users that are interested in pe_tools are comparing it to the libraries listed below
Sorting:
- A ready-made template for a project based on libpeconv.☆49Updated 5 months ago
- Small visualizator for PE files☆69Updated last year
- Lightweight Portable Executable parsing library and a demo peParser application.☆80Updated 2 years ago
- A set of small utilities, helpers for PIN tracers☆32Updated last year
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.☆18Updated last year
- Process Injection without R/W target memory and without creating a remote thread☆19Updated 3 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated 2 months ago
- ☆25Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated last year
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Updated 5 years ago
- ☆82Updated 3 years ago
- ☆25Updated last year
- ☆63Updated last year
- ☆71Updated 2 years ago
- Library and tools to access the Windows Minidump (MDMP) format☆43Updated last year
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆146Updated 4 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 11 months ago
- Enumerate user mode shared memory mappings on Windows.☆122Updated 4 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- An x64dbg plugin which marks XFG call signatures as data☆77Updated 2 years ago
- Windows kernel PDB data parsed into YAML☆38Updated 8 months ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 2 years ago
- An Xdbg Plugin of the ERC Library.☆26Updated last year
- A Python script to download PDB files associated with a Portable Executable (PE)☆124Updated 5 months ago
- Yet another Windows DLL injector.☆39Updated 3 years ago
- Add an empty section to a PE file☆53Updated 7 years ago
- Slides from various conference talks☆37Updated 2 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆35Updated 4 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year