pe-file

There are 3 repositories under pe-file topic.

• hasherezade / pe-bear

  Portable Executable reversing tool with a friendly GUI

  bearparsermalware-analysismultiplatformpe-analyzerpe-analyzer-guipe-editorpe-filepe-format
  Language:C++ 2439

• hasherezade / pe_to_shellcode

  Converts PE into a shellcode

  pe-to-shellcodepe2shellcodeshellcodepe-filepe2shc
  Language:C++ 2214

• hasherezade / libpeconv

  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

  pe-filepe-formatlibpeconvpe-loadermanual-mapping
  Language:C++ 1052

• hasherezade / dll_to_exe

  Converts a DLL into EXE

  dll-to-exedll2exelibpeconvpe-file
  Language:C++ 774

• mentebinaria / readpe

  The PE file analysis toolkit

  binary-analysisreverse-engineeringpe-fileportable-executablemalware-analysismalware-research
  Language:C 655

• saferwall / pe

  A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

  binary-analysiscoffgogolangmalwaremalware-analysisparserparsingpepe-filepe-formatpe-malformationsportable-executablereverse-engineering
  Language:Go 290

• hasherezade / IAT_patcher

  Persistent IAT hooking application - based on bearparser

  peiathookingmultiplatformiat-hookingpe-filepe-formatbearparser
  Language:C++ 242

• HoShiMin / formatPE

  A bunch of parsers for PE and PDB formats in C++

  cppheader-onlymodern-cpppdbpdb-filespdb-parserpdb-structurepepe-analyzerpe-applicationspe-filepe-formatportable-executablepe-parser
  Language:C++ 212

• jovibor / libpe

  Library for parsing internal structures of PE32/PE32+ binary files.

  binary-analysispe-analyzerpe-filepe-formatportable-executable
  Language:C++ 148

• jovibor / Pepper

  PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.

  pe-filepe-analyzerpe-formatpe-viewerfiles-viewerpeportable-executablepepperviewerbinary-analysis
  Language:C++ 130
• peid

  packing-box / peid

  Python implementation of the Packed Executable iDentifier (PEiD)

  binary-analysisentrypointexecutable-packingmalware-analysismalware-packersmalware-researchpacking-detectionpe-filepe-filespe-formatpeidpeid-signaturepythonresearch-toolssignature-detection
  Language:Python 120

• vic4key / QLoader

  QLoader is a PE loader creator that helps you quickly create a non-exe loader for application

  qloaderloaderpatcherpe-file
  Language:C++ 95

• hasherezade / ViDi

  ViDi Visual Disassembler (experimental)

  bearparserdisassemblermultiplatformpe-file
  Language:C++ 75

• hasherezade / pe2pic

  Small visualizator for PE files

  malware-analysispe-filepe-formatpefilevisualization
  Language:Python 66

• jaketae / deep-malware-detection

  A neural approach to malware detection in portable executables

  deep-learningmalware-detectionmalware-researchpe-filepe-formatpytorch
  Language:Python 66
• Vutils

  vic4key / Vutils

  Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster, and simpler.

  windowshackingnetworksockethookingregistrywmiapi-hookingmessage-hookingpicker-dialogfile-mappingthread-poolfile-systemasync-socketpe-fileini-filecryptographyrestful-clientservice-manager
  Language:C++ 65

• andyjsmith / Exe-Spy

  ExeSpy is a cross-platform PE viewer for EXE and DLL files

  forensicsforensics-toolswindows-forensicspe-fileportable-executablegui
  Language:Python 49

• hMihaiDavid / addscn

  Add an empty section to a PE file

  cexecutableexecutable-formatspepe-filetoolwindows
  Language:C++ 49

• dotnet / metadata-tools

  Contains tools for metadata, such as Roslyn's metadata visualizer.

  ecma-335metadataportablepe-fileportable-pdb
  Language:C# 48
• bintropy

  packing-box / bintropy

  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

  binary-analysiselfelf-binarieself-formatentropyexecutable-packingliefmach-omalware-analysismalware-packersmalware-researchpacking-detectionpe-filepe-filespe-formatpythonresearch-tools
  Language:Python 38

• packing-box / dataset-packed-pe

  Dataset of packed PE samples

  binary-analysisdatasetexecutable-packingmalware-analysismalware-packersmalware-researchpe-filepe-filespe-formatportable-executablesamplesupx
  Language:Python 23

• Ricky5panish / PE-Runtime-Crypter

  A runtime Crypter written in C++ to bypass AVs signature based detection

  bypass-antivirusx64cppcrypterpe-filepocruntimewinapievasionredteamfileless
  Language:C++ 20
• pypackerdetect

  packing-box / pypackerdetect

  Packing detection tool for PE files

  binary-analysisdetectorentrypointexecutable-packingmalware-analysismalware-packersmalware-researchpacking-detectionpe-filepe-filespe-formatpe-sectionspeidpeid-signaturepythonresearch-toolssignature-detection
  Language:Python 19

• JohnTroony / PE-CodeCaving

  Work files for my blog post "Code Caving in a PE file.

  pe-filewindowspefileformatcode-injectioncode-cavepecoffbackdoorbinary-exploitation
  16

• levanvn / PE_Packer

  Simple Packer PE File

  packerpe-file
  Language:C++ 13

• Alex4386 / pe-parser

  PE/MZ Header Parser :: A crossplatform Windows PE/MS-DOS MZ Header Parser : Powered by @pay1oad-repo

  reverse-engineeringpe-analyzerpe-filewindowscrossplatformcpppe-headerpe-parsesoftware-analysismz-headermz-parserms-dos
  Language:C++ 10

• BarakAharoni / PEFA

  PE File Analysis tool

  cybersecuritymalware-analysispe-filereverse-engineeringsecurity-researchsecurity-tools
  Language:Python 5

• jmcph4 / butyl

  Binary executable tool

  binary-analysisexecutablesexecutable-formatspe-filepe-formatpe-analyzerelfelf-binariesmalware-analysismalware-researchreverse-engineeringdoscoff
  Language:Rust 5

• StackOverflowExcept1on / anonlink

  Command line tool to automatically patch link.exe to remove Rich PE Header

  linkerpatcherpe-filerust
  Language:Rust 4

• fafalone / CheckBitness

  A simple utility to verify an executable is valid and check whether 32bit/64bit

  pe-filepe-formattwinbasicvb6
  Language:Visual Basic 6.0 3

• jmcph4 / PEek

  PEek is a simple PE file viewer.

  cpepe-filebinary-analysismalware-analysiswindowsexecutabletooltools
  Language:C 3

• prabormukherjee / Antivirus

  A basic malware detector using Machine Learning

  joblibantivirusmalware-detectorpyfilepe-filehashlibml
  Language:Python 3

• vic4key / Dependency-Walker

  Dependency Walker - a tool that recursive listing and fixing-up dependencies of a PE file

  windowspe-filedependencywalker
  Language:Python 3

• zakuciael / cfv

  Cross-platform node.js library that can extracts file versions from a valid PE file (.exe)

  cfvfile-versioncross-platformpe-file
  Language:TypeScript 3

• jcfromsiberia / SymSeek

  Desktop application for searching symbols within binaries

  symbolsbinarype-filesearchimportsexportsnative-binariesfind
  Language:C++ 2

• fafalone / SetPEImageProps

  Set PE Image Header Properties

  build-toolpe-filepe-formattwinbasicvb6windows
  Language:Visual Basic 6.0 1