Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

Principled, lightweight C/C++ PE parser

PE-bear (builds only)

Persistent IAT hooking application - based on bearparser

PE file viewer/editor for Windows, Linux and MacOS.

Vox compiler. AOT / JIT / Linker. Zero dependencies

Cross-platform library for parsing and building PE\PE+ formats

PE (x86) and PE+ (x64) files viewer, based on libpe.

Library for tinkering with PE/PE+ binaries.

A feature rich DLL injection library.

📦 A simple Windows x86 PE file packer written in C & Microsoft Assembly. The file after packing can obstruct the process of reverse engineering.

A DLL that performs IAT hooking

RE scripts, snippets (IDA, lief, gdb, etc.)

An Empirical Study of The PE File Format through RUST & SQL

An open-source multi-platform Windows Portable Executable(PE) analyzing module

GetTyp/GetType/GT2 - legacy file format detector

Machine Learning Malware Detector

Inject a New Section to the pe-executable file

Binary executable tool

Simple PE Format Parser written in C/C++ using Win32API