Pe-Sieve - Recognizes In Addition To Dumps A Diversity Of Potentially Malicious Implants (Replaced/Injected Pes, Shellcodes, Hooks, In-Memory Patches)

CarolyNeggers June 02, 2020

PE-sieve is a light-weight tool that helps to detect malware running on the system, equally good equally to collect the potentially malicious fabric for farther analysis. Recognizes in addition to dumps diversity of implants inside the scanned process: replaced/injected PEs, shellcodes, hooks, in addition to other in-memory patches.

Detects inline hooks, Process Hollowing, Process Doppelgänging, Reflective DLL Injection, etc.

uses library: https://github.com/hasherezade/libpeconv.git

Clone:
Use recursive clone to larn the repo together alongside the submodule:

git clone --recursive https://github.com/hasherezade/pe-sieve.git

Latest builds*:
*those builds are available for testing in addition to they may last ahead of the official release:

32-bit
64-bit

Download Pe-Sieve

Header Ads Widget

Ticker

Pe-Sieve - Recognizes In Addition To Dumps A Diversity Of Potentially Malicious Implants (Replaced/Injected Pes, Shellcodes, Hooks, In-Memory Patches)

Post a Comment

0 Comments

Popular Posts

Black Temple Entrance Wow

SX SX4047: Godzilla Combiner Mech Build with Minifigures

1 Dollar Bill Secrets

Fifa 2015 Pc Amount Version Download

Studio 5000 download free full version

How to Turn Off Tile Data Model Server Service in Windows 10