saferwall / peLinks
A lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
☆362Updated last month
Alternatives and similar repositories for pe
Users that are interested in pe are comparing it to the libraries listed below
Sorting:
- Pakkero is a binary packer written in Go made for fun and educational purpose. Its main goal is to take in input a program file (elf bina…☆263Updated 2 years ago
- Go symbol recovery tool☆789Updated last month
- GoRE - Package gore is a library for analyzing Go binaries☆507Updated 3 weeks ago
- A command line Windows API tracing tool for Golang binaries.☆156Updated last year
- Elf binary infector written in Go.☆211Updated 6 months ago
- Python tool to resolve all strings in Go binaries obfuscated by garble☆115Updated 5 months ago
- A Simple Linux ELF Runtime Crypter☆258Updated 5 months ago
- IDApython Scripts for Analyzing Golang Binaries☆642Updated 11 months ago
- Fork of pkg/debug that adds some additional functionality.☆126Updated last year
- x86 malware emulator☆226Updated this week
- Yet another variant of Process Hollowing☆405Updated this week
- Injects additional machine instructions into various binary formats.☆285Updated last year
- Universal Shared Library User-space Loader☆229Updated 3 years ago
- Exploiting DLL Hijacking by DLL Proxying Super Easily☆521Updated 2 years ago
- 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine…☆344Updated 9 months ago
- A way to delete a locked file, or current running executable, on disk.☆553Updated last year
- Redress - A tool for analyzing stripped Go binaries☆1,097Updated 3 weeks ago
- It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)☆511Updated 2 years ago
- MinHook binding for Go (Golang) with support for Windows API.☆81Updated 6 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆401Updated last month
- A DTrace on Windows Reimplementation☆349Updated 6 months ago
- Go interface to NTDLL functions☆77Updated last year
- A PoC package for hosting the CLR and executing .NET from Go☆225Updated 2 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆341Updated 2 years ago
- Process Injection Techniques with Golang☆79Updated 5 years ago
- Run binaries straight from memory in Linux☆318Updated 2 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆564Updated last year
- Golang wrappers functions to call Windows APIs☆79Updated 2 years ago
- Go library for ETW (Event Tracing for Windows) events processing☆67Updated 3 years ago
- Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut☆342Updated 2 years ago