Small visualizator for PE files
☆70Sep 20, 2023Updated 2 years ago
Alternatives and similar repositories for pe2pic
Users that are interested in pe2pic are comparing it to the libraries listed below
Sorting:
- A set of small utilities, helpers for PIN tracers☆37Feb 15, 2026Updated 2 weeks ago
- MalUnpack companion driver☆99Jun 17, 2024Updated last year
- Use Windows Management Instrumentation interfaces to perform actions on a Windows system from a Linux System☆16Mar 15, 2012Updated 13 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆154Sep 11, 2022Updated 3 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆56Jun 9, 2018Updated 7 years ago
- Open Anti Cheat☆27Jul 16, 2022Updated 3 years ago
- windows内核安全与驱动开发代码☆12Apr 4, 2020Updated 5 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- A tool to show the method info at runtime☆13Aug 12, 2019Updated 6 years ago
- A template for projects using both libPeConv and MS Detours☆16Oct 5, 2025Updated 4 months ago
- A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.☆12Jul 26, 2020Updated 5 years ago
- Сlone of POLE - portable library for structured storage.☆11Apr 25, 2018Updated 7 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Sep 19, 2022Updated 3 years ago
- Python wrappers for mal_unpack☆37Sep 19, 2023Updated 2 years ago
- A WinDbg extension to trace COM interactions☆131Aug 14, 2025Updated 6 months ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- Golang bindings for PE-sieve☆42Nov 11, 2023Updated 2 years ago
- Windows API Call Obfuscation☆112Dec 9, 2022Updated 3 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Jan 9, 2025Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- A modified fork of Be.HexEditor for use in debug tools☆15Jan 5, 2022Updated 4 years ago
- a bunch of malware in all platform, some maybe not work, this code for some study case or for knowledge. for information about malware yo…☆14Jan 29, 2021Updated 5 years ago
- 一个微型的操作系统☆12Nov 10, 2021Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆98Jan 8, 2022Updated 4 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆50Sep 1, 2023Updated 2 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger☆36Apr 18, 2024Updated last year
- Diff plugin for x64dbg☆30Dec 14, 2020Updated 5 years ago
- Python script to compress VBA macro files☆24Feb 2, 2023Updated 3 years ago
- Microsoft Edge Microsoft Edge主页算法☆20Apr 15, 2019Updated 6 years ago
- Ransoblin (Ransomware Bokoblin)☆18Oct 4, 2020Updated 5 years ago
- ☆12Dec 15, 2016Updated 9 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆19Jul 8, 2022Updated 3 years ago
- MASM Crypto Lib☆16Sep 27, 2015Updated 10 years ago
- Packet Injection With WFP☆16Feb 20, 2023Updated 3 years ago
- A wrapper for capstone for bearparser☆16Oct 8, 2025Updated 4 months ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated last year
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆36Jul 22, 2021Updated 4 years ago