pe-file

There are 3 repositories under pe-file topic.

• hasherezade / pe-bear

  Portable Executable reversing tool with a friendly GUI

  bearparsermalware-analysismultiplatformpe-analyzerpe-analyzer-guipe-editorpe-filepe-format
  Language:C++ 3258

• hasherezade / pe_to_shellcode

  Converts PE into a shellcode

  pe-to-shellcodepe2shellcodeshellcodepe-filepe2shcshellcode-development
  Language:C++ 2648

• hasherezade / libpeconv

  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

  libpeconvmanual-mappingpe-filepe-formatpe-loader
  Language:C++ 1278

• hasherezade / dll_to_exe

  Converts a DLL into EXE

  libpeconvdll2exedll-to-exepe-file
  Language:C++ 815

• mentebinaria / readpe

  The PE file analysis toolkit

  binary-analysismalware-analysismalware-researchpe-fileportable-executablereverse-engineering
  Language:C 720

• saferwall / pe

  A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

  pe-fileportable-executablemalwarepecoffpe-malformationsmalware-analysisparsinggogolangparserbinary-analysisreverse-engineeringpe-format
  Language:Go 368

• hasherezade / IAT_patcher

  Persistent IAT hooking application - based on bearparser

  peiathookingmultiplatformiat-hookingpe-filepe-formatbearparser
  Language:C++ 254

• HoShiMin / formatPE

  A bunch of parsers for PE and PDB formats in C++

  cppheader-onlymodern-cpppdbpdb-filespdb-parserpdb-structurepepe-analyzerpe-applicationspe-filepe-formatportable-executablepe-parser
  Language:C++ 237

• jovibor / libpe

  Library for parsing internal structures of PE32/PE32+ binary files.

  pe-filepe-analyzerpe-formatbinary-analysisportable-executable
  Language:C++ 163

• jovibor / Pepper

  PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.

  pe-filepe-analyzerpe-formatpe-viewerfiles-viewerpeportable-executablepepperviewerbinary-analysis
  Language:C++ 161
• LibObjectFile

  xoofx / LibObjectFile

  LibObjectFile is a .NET library to read, manipulate and write linker and executable object files (e.g ELF, PE, DWARF, ar...)

  dwarfelfelf-parserdotnetdebugginglinkercsharppe-file
  Language:C# 161
• peid

  packing-box / peid

  Python implementation of the Packed Executable iDentifier (PEiD)

  peidpeid-signaturepe-filepe-filespe-formatsignature-detectionpythonentrypointpacking-detectionexecutable-packingmalware-packersmalware-analysismalware-researchbinary-analysisresearch-tools
  Language:Python 136

• vic4key / QLoader

  QLoader is a PE loader creator that helps you quickly create a non-exe loader for application

  qloaderloaderpatcherpe-file
  Language:C++ 108

• jaketae / deep-malware-detection

  A neural approach to malware detection in portable executables

  deep-learningmalware-detectionmalware-researchpe-filepe-formatpytorch
  Language:Python 79

• hasherezade / ViDi

  ViDi Visual Disassembler (experimental)

  bearparserdisassemblerpe-filemultiplatform
  Language:C++ 76
• Vutils

  vic4key / Vutils

  Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster, and simpler.

  windowshackingnetworksockethookingregistrywmiapi-hookingmessage-hookingpicker-dialogfile-mappingthread-poolfile-systemasync-socketpe-fileini-filecryptographyrestful-clientservice-manager
  Language:C++ 71

• hasherezade / pe2pic

  Small visualizator for PE files

  pe-filepe-formatpefilevisualizationmalware-analysis
  Language:Python 67

• andyjsmith / Exe-Spy

  ExeSpy is a cross-platform PE viewer for EXE and DLL files

  forensicsforensics-toolswindows-forensicspe-fileportable-executablegui
  Language:Python 62

• hMihaiDavid / addscn

  Add an empty section to a PE file

  cexecutableexecutable-formatspepe-filetoolwindows
  Language:C++ 51

• dotnet / metadata-tools

  Contains tools for metadata, such as Roslyn's metadata visualizer.

  ecma-335metadataportablepe-fileportable-pdb
  Language:C# 49
• bintropy

  packing-box / bintropy

  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

  entropype-filepe-filespe-formatelfelf-formatelf-binariespacking-detectionmach-oliefpythonexecutable-packingmalware-packersmalware-analysismalware-researchbinary-analysisresearch-tools
  Language:Python 47

• Ricky5panish / PE-Runtime-Crypter

  A runtime Crypter written in C++ to bypass AVs signature based detection

  bypass-antivirusx64cppcrypterpe-filepocruntimewinapievasionredteamfileless
  Language:C++ 36

• packing-box / dataset-packed-pe

  Dataset of packed PE samples

  datasetpe-filesupxsamplespe-formatexecutable-packingpe-filemalware-packersmalware-analysisportable-executablemalware-researchbinary-analysis
  Language:Python 33
• pypackerdetect

  packing-box / pypackerdetect

  Packing detection tool for PE files

  detectorpe-filepe-formatpeidentrypointpe-sectionspe-filessignature-detectionpacking-detectionpythonexecutable-packingmalware-packersmalware-analysismalware-researchbinary-analysispeid-signatureresearch-tools
  Language:Python 23

• JohnTroony / PE-CodeCaving

  Work files for my blog post "Code Caving in a PE file.

  pe-filewindowspefileformatcode-injectioncode-cavepecoffbackdoorbinary-exploitation
  16

• levanvn / PE_Packer

  Simple Packer PE File

  packerpe-file
  Language:C++ 15

• Alex4386-vault / pe-parser

  PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @pay1oad-repo

  reverse-engineeringpe-analyzerpe-filewindowscrossplatformcpppe-headerpe-parsesoftware-analysismz-headermz-parserms-dos
  Language:C++ 11

• BarakAharoni / PEFA

  PE File Analysis Tool

  cybersecuritymalware-analysispe-filereverse-engineeringsecurity-researchsecurity-toolsbinary-analysispython
  Language:Python 6

• StackOverflowExcept1on / anonlink

  Command line tool to automatically patch link.exe to remove Rich PE Header

  linkerpatcherpe-filerustwindows
  Language:Rust 6

• jmcph4 / butyl

  Binary executable tool

  binary-analysisexecutablesexecutable-formatspe-filepe-formatpe-analyzerelfelf-binariesmalware-analysismalware-researchreverse-engineeringdoscoff
  Language:Rust 5

• prabormukherjee / Antivirus

  A basic malware detector using Machine Learning

  joblibantivirusmalware-detectorpyfilepe-filehashlibml
  Language:Python 4

• vic4key / Dependency-Walker

  Dependency Walker - a tool that recursive listing and fixing-up dependencies of a PE file

  windowspe-filedependencywalker
  Language:Python 4

• fafalone / CheckBitness

  A simple utility to verify an executable is valid and check whether 32bit/64bit

  pe-filepe-formattwinbasicvb6
  Language:Visual Basic 6.0 3

• jmcph4 / PEek

  PEek is a simple PE file viewer.

  cpepe-filebinary-analysismalware-analysiswindowsexecutabletooltools
  Language:C 3

• zakuciael / cfv

  Cross-platform node.js library that can extracts file versions from a valid PE file (.exe)

  cfvfile-versioncross-platformpe-file
  Language:TypeScript 3

• fafalone / SetPEImageProps

  Set PE Image Header Properties

  build-toolpe-filepe-formattwinbasicvb6windows
  Language:Visual Basic 6.0 2