pefile is a Python module to read and work with PE (Portable Executable) files
☆2,025Mar 2, 2026Updated last week
Alternatives and similar repositories for pefile
Users that are interested in pefile are comparing it to the libraries listed below
Sorting:
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,909Feb 23, 2026Updated 2 weeks ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,564Oct 31, 2025Updated 4 months ago
- LIEF - Library to Instrument Executable Formats (C++, Python, Rust)☆5,309Updated this week
- A static analyzer for PE executables.☆1,107Updated this week
- Reverse engineering framework in Python☆3,833Jan 26, 2025Updated last year
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,080Dec 2, 2025Updated 3 months ago
- IDA Pro utilities from FLARE team☆2,435Oct 29, 2024Updated last year
- Repository of yara rules☆4,727Apr 17, 2024Updated last year
- A list of IDA Plugins☆3,808May 31, 2024Updated last year
- A community driven collection of IDA FLIRT signature files☆1,333Sep 3, 2021Updated 4 years ago
- Diaphora, the most advanced Free and Open Source program diffing tool.☆4,203Nov 24, 2024Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,236Aug 7, 2025Updated 7 months ago
- Principled, lightweight C/C++ PE parser☆888Jan 12, 2026Updated last month
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆6,868Mar 1, 2026Updated last week
- A powerful and user-friendly binary analysis platform!☆8,531Updated this week
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆3,237Sep 3, 2022Updated 3 years ago
- ☆988Jan 16, 2026Updated last month
- IDA 2016 plugin contest winner! Symbolic Execution just one-click away!☆1,615Jun 11, 2025Updated 8 months ago
- Windows kernel and user mode emulation.☆1,868Mar 2, 2026Updated last week
- yarGen is a generator for YARA rules☆1,779Jan 10, 2026Updated last month
- DRAKVUF Black-box Binary Analysis☆1,210Updated this week
- Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX,…☆8,574Mar 2, 2026Updated last week
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,862Updated this week
- Hex-Rays Decompiler plugin for better code navigation☆2,607Nov 27, 2025Updated 3 months ago
- Powerful Disassembler Library For x86/AMD64☆1,325Oct 10, 2023Updated 2 years ago
- IDAPython project for Hex-Ray's IDA Pro☆1,531Dec 24, 2025Updated 2 months ago
- Export disassemblies into Protocol Buffers☆1,177Feb 2, 2026Updated last month
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,335Updated this week
- The pattern matching swiss knife☆9,459Feb 10, 2026Updated 3 weeks ago
- WinAppDbg Debugger☆480Nov 6, 2025Updated 4 months ago
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that…☆3,867Jun 21, 2024Updated last year
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,296Feb 14, 2026Updated 3 weeks ago
- Defund the Police.☆13,486Jun 7, 2024Updated last year
- An advanced memory forensics framework☆7,972May 16, 2025Updated 9 months ago
- Program for determining types of files for Windows, Linux and MacOS.☆10,355Mar 2, 2026Updated last week
- A True Instrumentable Binary Emulation Framework☆5,834Nov 5, 2025Updated 4 months ago
- Windows Object Explorer 64-bit☆1,888Mar 1, 2026Updated last week
- Cuckoo Sandbox is an automated dynamic malware analysis system☆5,924May 3, 2022Updated 3 years ago
- Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)☆8,802Feb 19, 2026Updated 2 weeks ago