pefile topics

Frampton

75

Stars

18

Forks

Watchers

PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible

ins1gn1a

backdoor

cave-discovery

exploit-kit

pe-injector

PeNet

568

Stars

110

Forks

Watchers

Portable Executable (PE) library written in .Net

secana

imphash

import-hash

malware-analysis

pe

petools

967

Stars

130

Forks

Watchers

PE Tools - Portable executable (PE) manipulation toolkit

petoolse

analysis

disassembler

dumper

entropy

unipacker

609

Stars

74

Forks

Watchers

Automatic and platform-independent unpacker for Windows binaries based on emulation

unipacker

debugger

dumper

emulation

packers

process_ghosting

605

Stars

113

Forks

Watchers

Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

hasherezade

pe-injection

pe-injector

pefile

transacted_hollowing

497

Stars

72

Forks

Watchers

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

hasherezade

code-injection

malware

pe-injector

pefile

Machine-Learning-approach-for-Malware-Detection

73

Stars

47

Forks

Watchers

A Machine Learning approach for classifying a file as Malicious or Legitimate

surajr

machine-learning

malware-detection

pefile

security-scanner

MalwareDataScience

116

Stars

37

Forks

Watchers

Malware Data Science Reading Diary / Notes

hija

data-science

deep-learning

machine-learning

malware

pe2pic

66

Stars

15

Forks

Watchers

Small visualizator for PE files

hasherezade

malware-analysis

pe-file

pe-format

pefile

BetterGetProcAddress

95

Stars

14

Forks

Watchers

POC of a better implementation of GetProcAddress for ntdll using binary search

0x00Jeff

binary-search

exports

getprocaddress

peb