blackberry / pe_tree
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.
☆1,323Updated 2 years ago
Alternatives and similar repositories for pe_tree:
Users that are interested in pe_tree are comparing it to the libraries listed below
- Windows kernel and user mode emulation.☆1,627Updated this week
- Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories☆1,114Updated 4 years ago
- A Coverage Explorer for Reverse Engineers☆2,338Updated 8 months ago
- Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free…☆1,762Updated last month
- A True Instrumentable Binary Emulation Framework☆5,340Updated 2 weeks ago
- A curated list of awesome Ghidra materials��☆1,231Updated 3 years ago
- IDA Pro utilities from FLARE team☆2,295Updated 5 months ago
- A Trace Explorer for Reverse Engineers☆1,378Updated last year
- Export disassemblies into Protocol Buffers☆1,089Updated last month
- Diaphora, the most advanced Free and Open Source program diffing tool.☆3,784Updated 4 months ago
- Virtual Machine Introspection, Tracing & Debugging☆578Updated 3 years ago
- Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.☆893Updated 5 years ago
- PE file viewer/editor for Windows, Linux and MacOS.☆1,060Updated this week
- ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja…☆2,115Updated last year
- A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.☆1,362Updated 10 months ago
- AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,anal…☆1,096Updated 3 years ago
- Reverse engineering framework in Python☆3,602Updated 2 months ago
- Automatic and platform-independent unpacker for Windows binaries based on emulation☆686Updated 6 months ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,134Updated this week
- Automated static analysis tools for binary programs☆1,587Updated last week
- A fork of AFL for fuzzing Windows binaries☆2,412Updated last week
- PE-bear (builds only)☆775Updated last year
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,263Updated this week
- Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary☆1,031Updated last year
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,280Updated last month
- Hook system calls, context switches, page faults and more.☆2,516Updated last year
- The OpenSource Disassembler☆1,624Updated 5 months ago
- Scripts for the Ghidra software reverse engineering suite.☆1,064Updated 4 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,476Updated this week
- Adversary tradecraft detection, protection, and hunting☆2,286Updated this week