Giters

deeprobin / erase-pe-header

Erases windows portable x86-executable headers from memory

Repository from Github https://github.comdeeprobin/erase-pe-headerRepository from Github https://github.comdeeprobin/erase-pe-header

pe-x86portable-executablewindows-executablememory-leak

erase-pe-header

This crate overwrites the PE header in memory with nulls. This can trick some antivirus & analysis software and it could be useful in malware creation. This crate was not created with malicious intent but for educational purposes. (Only works on windows)

This crate was adapted from C++ Source.

Example

fn main() {
    if cfg!(target_os = "windows") {
        unsafe { erase_pe_header::erase_pe_header() };
    }
    println!("Hello world");
}

About

Erases windows portable x86-executable headers from memory

pe-x86portable-executablewindows-executablememory-leak

Languages

Language:Rust 100.0%