Alternatives and similar repositories for peid

Users that are interested in peid are comparing it to the libraries listed below

• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆142Updated last week
• packing-box / dataset-packed-pe
  Dataset of packed PE samples
  ☆41Updated last year
• NozomiNetworks / upx-recovery-tool
  ☆109Updated 3 years ago
• OALabs / hashdb-ida
  HashDB API hash lookup plugin for IDA Pro
  ☆346Updated 2 months ago
• mandiant / dncil
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆170Updated last month
• packing-box / docker-packing-box
  Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detec…
  ☆62Updated this week
• season-lab / bluepill
  BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
  ☆128Updated 3 years ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆86Updated 2 years ago
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆76Updated 7 months ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆219Updated 3 years ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆92Updated 2 years ago
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆312Updated 2 years ago
• OALabs / hashdb
  Assortment of hashing algorithms used in malware
  ☆387Updated last month
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆366Updated 2 months ago
• nazywam / AutoIt-Ripper
  Extract AutoIt scripts embedded in PE binaries
  ☆215Updated last year
• danielplohmann / idascope
  An IDA Pro extension for easier (malware) reverse engineering
  ☆115Updated 3 years ago
• nullteilerfrei / reversing-class
  LERN GHIDRA
  ☆93Updated 4 months ago
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆155Updated last year
• PELock / Simple-Polymorphic-Engine-SPE32
  Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used …
  ☆155Updated 2 years ago
• ThreatLabz / tools
  Tools developed by the Zscaler ThreatLabz Threat Intelligence team
  ☆90Updated 2 weeks ago
• mandiant / xrefer
  FLARE Team's Binary Navigator
  ☆296Updated 2 months ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆80Updated 5 years ago
• sha0coder / mwemu
  x86 malware emulator
  ☆253Updated 3 weeks ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆81Updated 3 months ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆217Updated 3 years ago
• VergiliusProject / vergilius-project
  This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…
  ☆227Updated last month
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆132Updated 2 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Updated last year
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆72Updated 2 months ago
• CheckPointSW / Anti-Debug-DB
  Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…
  ☆62Updated 2 years ago