pefile is a Python module to read and work with PE (Portable Executable) files
☆2,045Jun 7, 2026Updated last week
Alternatives and similar repositories for pefile
Users that are interested in pefile are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆4,055Jun 12, 2026Updated last week
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,685Jun 6, 2026Updated last week
- LIEF - Library to Instrument Executable Formats (C++, Python, Rust)☆5,453Updated this week
- A static analyzer for PE executables.☆1,124Mar 11, 2026Updated 3 months ago
- Principled, lightweight C/C++ PE parser☆901Jun 3, 2026Updated 2 weeks ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- IDA Pro utilities from FLARE team☆2,452Oct 29, 2024Updated last year
- Repository of yara rules☆4,819Apr 17, 2024Updated 2 years ago
- Reverse engineering framework in Python☆3,885Mar 26, 2026Updated 2 months ago
- Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX,…☆8,839Updated this week
- A powerful and user-friendly binary analysis platform!☆8,892Jun 12, 2026Updated last week
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,198May 20, 2026Updated 3 weeks ago
- A list of IDA Plugins☆3,830May 31, 2024Updated 2 years ago
- ☆996Jun 12, 2026Updated last week
- Diaphora, the most advanced Free and Open Source program diffing tool.☆4,299May 14, 2026Updated last month
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- DRAKVUF Black-box Binary Analysis☆1,241Updated this week
- yarGen is a generator for YARA rules☆1,795Jan 10, 2026Updated 5 months ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,273Mar 26, 2026Updated 2 months ago
- A community driven collection of IDA FLIRT signature files☆1,348Sep 3, 2021Updated 4 years ago
- IDAPython project for Hex-Ray's IDA Pro☆1,532Dec 24, 2025Updated 5 months ago
- IDA 2016 plugin contest winner! Symbolic Execution just one-click away!☆1,618Jun 11, 2025Updated last year
- Windows kernel and user mode emulation.☆1,984May 21, 2026Updated 3 weeks ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆7,001Jun 2, 2026Updated 2 weeks ago
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆3,285Sep 3, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Cuckoo Sandbox is an automated dynamic malware analysis system☆5,956May 3, 2022Updated 4 years ago
- The pattern matching swiss knife☆9,674Updated this week
- The FLARE team's open-source tool to identify capabilities in executable files.☆6,064Updated this week
- WinAppDbg Debugger☆484Mar 24, 2026Updated 2 months ago
- Hex-Rays Decompiler plugin for better code navigation☆2,633Nov 27, 2025Updated 6 months ago
- Powerful Disassembler Library For x86/AMD64☆1,336Oct 10, 2023Updated 2 years ago
- Defund the Police.☆13,862Jun 7, 2024Updated 2 years ago
- Export disassemblies into Protocol Buffers☆1,191May 7, 2026Updated last month
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that…☆3,916Jun 21, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Elastic Malware Benchmark for Empowering Researchers☆1,163Nov 22, 2024Updated last year
- An advanced memory forensics framework☆8,030May 16, 2025Updated last year
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,354Feb 14, 2026Updated 4 months ago
- Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)☆9,022May 14, 2026Updated last month
- Official repository for Pyew.☆394Sep 6, 2019Updated 6 years ago
- Program for determining types of files for Windows, Linux and MacOS.☆10,975Updated this week
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,361Apr 18, 2026Updated 2 months ago