Alternatives and similar repositories for pe_tree:

Users that are interested in pe_tree are comparing it to the libraries listed below

• mandiant / speakeasy
  Windows kernel and user mode emulation.
  ☆1,636Updated 3 weeks ago
• malrev / ABD
  Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
  ☆1,116Updated 4 years ago
• mohuihui / antispy
  AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,anal…
  ☆1,094Updated 4 years ago
• mandiant / flare-ida
  IDA Pro utilities from FLARE team
  ☆2,313Updated 5 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,895Updated 2 weeks ago
• joxeankoret / diaphora
  Diaphora, the most advanced Free and Open Source program diffing tool.
  ☆3,824Updated 5 months ago
• rabbitstack / fibratus
  Adversary tradecraft detection, protection, and hunting
  ☆2,322Updated this week
• unipacker / unipacker
  Automatic and platform-independent unpacker for Windows binaries based on emulation
  ☆689Updated 6 months ago
• hasherezade / pe-sieve
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,282Updated last week
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,413Updated 2 months ago
• gaasedelen / lighthouse
  A Coverage Explorer for Reverse Engineers
  ☆2,348Updated 9 months ago
• mandiant / flare-floss
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,508Updated this week
• taviso / ctftool
  Interactive CTF Exploration Tool
  ☆1,655Updated 3 years ago
• JusticeRage / Manalyze
  A static analyzer for PE executables.
  ☆1,057Updated last year
• everdox / InfinityHook
  Hook system calls, context switches, page faults and more.
  ☆2,525Updated last year
• AllsafeCyberSecurity / awesome-ghidra
  A curated list of awesome Ghidra materials
  ☆1,241Updated 3 years ago
• horsicq / XPEViewer
  PE file viewer/editor for Windows, Linux and MacOS.
  ☆1,071Updated this week
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,148Updated 3 weeks ago
• qilingframework / qiling
  A True Instrumentable Binary Emulation Framework
  ☆5,389Updated this week
• j00ru / windows-syscalls
  Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
  ☆2,309Updated 2 months ago
• thalium / icebox
  Virtual Machine Introspection, Tracing & Debugging
  ☆579Updated 3 years ago
• fr0gger / awesome-ida-x64-olly-plugin
  A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
  ☆1,378Updated 10 months ago
• hasherezade / pe-bear-releases
  PE-bear (builds only)
  ☆776Updated last year
• cea-sec / miasm
  Reverse engineering framework in Python
  ☆3,648Updated 3 months ago
• hasherezade / bearparser
  Portable Executable parsing library (from PE-bear)
  ☆658Updated this week
• rizinorg / rz-ghidra
  Deep ghidra decompiler and sleigh disassembler integration for rizin
  ☆862Updated this week
• hugsy / defcon_27_windbg_workshop
  DEFCON 27 workshop - Modern Debugging with WinDbg Preview
  ☆720Updated 5 months ago
• mandiant / capa
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,270Updated last week
• google / rekall
  Rekall Memory Forensic Framework
  ☆1,949Updated 4 years ago
• vivisect / vivisect
  ☆962Updated 2 weeks ago