https://github.com/owlinux1000/pedumper
pedumper can easily dump PE files in the target memory
https://github.com/owlinux1000/pedumper
Last synced: 12 months ago
JSON representation
pedumper can easily dump PE files in the target memory
- Host: GitHub
- URL: https://github.com/owlinux1000/pedumper
- Owner: owlinux1000
- License: mit
- Created: 2022-12-14T21:30:52.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-12-21T01:40:56.000Z (over 3 years ago)
- Last Synced: 2025-03-06T00:26:14.264Z (about 1 year ago)
- Language: Python
- Size: 21.5 KB
- Stars: 2
- Watchers: 4
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: docs/README.md
- License: LICENSE
Awesome Lists containing this project
README
# pedumper
[](https://pepy.tech/project/pedumper)
pedumper can easily dump PE files within memory.
## Installation
```cmd
pip install pedumper
```
## How to use
```cmd
C:\Users\user\Desktop>pedumper -p 24532
[!] Found a PE file in the target memory
[*] Address : 0x133f8e80000
[*] Region : 0x133f8e80000 - 0x133f8eb7000
[*] Protect : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type : 0x20000 (MEM_PRIVATE)
[*] State : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e80000.exe
[!] Found a PE file in the target memory
[*] Address : 0x133f8e9b800
[*] Region : 0x133f8e80000 - 0x133f8eb7000
[*] Protect : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type : 0x20000 (MEM_PRIVATE)
[*] State : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e9b800.exe
```