Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
BSD-2-CLAUSE License
Published by hasherezade over 6 years ago
Scans modules within a given process against:
Very basic working set scan (checks -WX pages for manually mapped modules). Suspicious PE modules are dumped along with a JSON report about the indicators.
DIE engine
C/C++ library and tool for scanning a process's memory space on Windows to find regex string patt...
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working...
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Converts PE into a shellcode
Portable Executable reversing tool with a friendly GUI
An advanced data recovery tool featuring a customizable C2 system, developed using Python, PowerS...