hasherezade / pe2picLinks
Small visualizator for PE files
☆70Updated 2 years ago
Alternatives and similar repositories for pe2pic
Users that are interested in pe2pic are comparing it to the libraries listed below
Sorting:
- A collection of shellcode hashes☆17Updated 7 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- Sysmon shenanigans☆66Updated 5 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- ☆25Updated last year
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆189Updated 3 years ago
- ☆70Updated 8 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆118Updated 2 years ago
- Windows API Hashes used in the malwares☆42Updated 10 years ago
- C# implementation to produce ROR-13 numeric hash for given function API name☆33Updated 6 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 3 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 3 years ago
- MalUnpack companion driver☆97Updated last year
- ☆74Updated last year
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆75Updated 3 years ago
- An Xdbg Plugin of the ERC Library.☆26Updated last year
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Updated 3 years ago
- Extract data of TTD trace file to a minidump☆30Updated 2 years ago
- Windows kernel PDB data parsed into YAML☆41Updated 11 months ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆114Updated 4 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Updated last year
- ☆36Updated 3 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆77Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆71Updated last year
- ☆83Updated last year
- Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.☆117Updated 3 years ago