Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with pe

A curated list of projects in awesome lists tagged with pe .

https://github.com/geysermc/geyser

A bridge/proxy allowing you to connect to Minecraft: Java Edition servers with Minecraft: Bedrock Edition.

bedrock bedrock-edition bedrock-to-java bungee fabric geyser geysermc hacktoberfest java java-edition minecraft minecraft-bedrock-edition packet pe protocol proxy spigot translator velocity

Last synced: 23 Apr 2025

https://github.com/GeyserMC/Geyser

A bridge/proxy allowing you to connect to Minecraft: Java Edition servers with Minecraft: Bedrock Edition.

bedrock bedrock-edition bedrock-to-java bungee fabric geyser geysermc hacktoberfest java java-edition minecraft minecraft-bedrock-edition packet pe protocol proxy spigot translator velocity

Last synced: 14 Mar 2025

https://github.com/secretsquirrel/the-backdoor-factory

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

bdf capstone elf file-infector macho pe python

Last synced: 14 May 2025

https://github.com/secretsquirrel/sigthief

Stealing Signatures and Making One Invalid Signature at a Time

certificates pe python python3 testing-antivirus

Last synced: 09 Oct 2025

https://github.com/secretsquirrel/SigThief

Stealing Signatures and Making One Invalid Signature at a Time

certificates pe python python3 testing-antivirus

Last synced: 13 Apr 2025

https://github.com/m4b/goblin

An impish, cross-platform binary parsing crate, written in Rust

archive binary-analysis cross-platform elf mach pe reverse-engineering

Last synced: 12 May 2025

https://github.com/justicerage/manalyze

A static analyzer for PE executables.

analysis malware pe static

Last synced: 27 Jan 2026

https://github.com/washi1337/asmresolver

A library for creating, reading and editing PE files and .NET modules.

assembler cil disassembler dotnet il malware-analysis msil parser pe portable-executable reader reverse-engineering writer

Last synced: 16 May 2025

https://github.com/forrest-orr/moneta

Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

artifact dump hollowing injection ioc malware memory moneta pe process reflective scanner shellcode usermode windows

Last synced: 13 Apr 2025

https://github.com/frkngksl/shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

asmjit bof coff loader obfuscator pe polymorphic-engine polymorphism shellcode

Last synced: 04 Apr 2025

https://github.com/frkngksl/Shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

asmjit bof coff loader obfuscator pe polymorphic-engine polymorphism shellcode

Last synced: 27 Sep 2025

https://github.com/hasherezade/bearparser

Portable Executable parsing library (from PE-bear)

bearparser multiplatform parser-library pe

Last synced: 15 May 2025

https://github.com/secana/penet

Portable Executable (PE) library written in .Net

imphash import-hash malware-analysis pe pe-header pefile portable-executable windows

Last synced: 14 May 2025

https://github.com/t00sh/rop-tool

A tool to help you write binary exploits

arm elf exploit macho mips pe rop x86 x86-64

Last synced: 02 Apr 2025

https://github.com/GeyserMC/Floodgate

Hybrid mode plugin to allow for connections from Geyser to join online mode servers.

bedrock bedrock-edition bedrock-to-java bukkit bungee floodgate geyser geysermc hacktoberfest java java-edition minecraft pe plugin velocity

Last synced: 11 Apr 2025

https://github.com/geysermc/floodgate

Hybrid mode plugin to allow for connections from Geyser to join online mode servers.

bedrock bedrock-edition bedrock-to-java bukkit bungee floodgate geyser geysermc hacktoberfest java java-edition minecraft pe plugin velocity

Last synced: 06 Oct 2025

https://github.com/cyberark/dllspy

DLL Hijacking Detection Tool

dll dll-hijacking pe permission privilege-escalation

Last synced: 05 Apr 2025

https://github.com/alphaseclab/windows-security

Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.

amsi applocker dll pe powershell sysinternal uac windows-defender windows-security

Last synced: 06 Apr 2025

https://github.com/alphaSeclab/windows-security

Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.

amsi applocker dll pe powershell sysinternal uac windows-defender windows-security

Last synced: 11 Jul 2025

https://github.com/cyberark/DLLSpy

DLL Hijacking Detection Tool

dll dll-hijacking pe permission privilege-escalation

Last synced: 11 Jul 2025

https://github.com/mewmew/dissection

The dissection of a simple "hello world" ELF binary.

assembly binary-analysis disassembly dissection elf hello hello-world pe

Last synced: 17 Dec 2025

https://github.com/saferwall/pe

A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

binary-analysis coff go golang malware malware-analysis parser parsing pe pe-file pe-format pe-malformations portable-executable reverse-engineering

Last synced: 12 Jan 2026

https://github.com/wenzel/checksec.py

Checksec tool in Python, Rich output. Based on LIEF

checksec elf pe

Last synced: 04 Oct 2025

https://github.com/Wenzel/checksec.py

Checksec tool in Python, Rich output. Based on LIEF

checksec elf pe

Last synced: 07 May 2025

https://github.com/wolfram77web/app-peid

PEiD detects most common packers, cryptors and compilers for PE files.

disassembly pe reverse-engineering

Last synced: 30 Apr 2026

https://github.com/can1357/linux-pe

COFF and Portable Executable format described using standard C++ with no dependencies.

coff pe portable-executable windows

Last synced: 12 Apr 2025

https://github.com/Antonin-Deniau/cave_miner

Search for code cave in all binaries

cave code code-injection codecave elf kaitai kaitai-struct mach-o pe

Last synced: 20 Apr 2025

https://github.com/hasherezade/iat_patcher

Persistent IAT hooking application - based on bearparser

bearparser hooking iat iat-hooking multiplatform pe pe-file pe-format

Last synced: 04 Jul 2025

https://github.com/forrest-orr/artifacts-kit

Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.

artifact dll forensics generator header hollowing kit malware mirroring moating pe phtnaom shellcode wiping

Last synced: 09 Apr 2025

https://github.com/adamhlt/dll-injector

DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector

dll-injection dll-injector loadlibrary pe winapi windows windows-internals

Last synced: 25 Feb 2026

https://github.com/jstrosch/sclauncher

A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.

malware-analysis pe portable-executable reverse-engineering shellcode x64 x86

Last synced: 11 Apr 2025

https://github.com/sashs/filebytes

Library to read and edit files in the following formats: Executable and Linking Format (ELF), Portable Executable (PE), MachO and OAT (Android Runtime)

elf mach-o oat pe pe32 python

Last synced: 30 Apr 2025

https://github.com/p0dalirius/pypdbdownload

A Python script to download PDB files associated with a Portable Executable (PE)

debug download microsoft pdb pe portable-executable tool

Last synced: 23 Apr 2025

https://github.com/etke/checksec.rs

Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.

binary-security checksec elf linux macho osx pe rust security windows

Last synced: 21 Feb 2026

https://github.com/p0dalirius/pdbdownload

A Python script to download PDB files associated with a Portable Executable (PE)

debug download microsoft pdb pe portable-executable tool

Last synced: 03 Apr 2025

https://github.com/karkas66/celestialspark

Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust

pe position-in shellcode stager

Last synced: 08 Apr 2025

https://github.com/adamhlt/manual-dll-loader

Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually

dll loader manual pe winapi windows windows-internals

Last synced: 07 May 2025

https://github.com/adamhlt/Cave-Finder

Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files

codecave cpp pe winapi windows windows-internals

Last synced: 04 Dec 2025

https://github.com/adamhlt/pe-explorer

PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports

pe pe-analyzer pe-viewer windows windows-internals

Last synced: 07 May 2025

https://github.com/backengineering/bintests

A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations

binary-rewriting disassembly pe pe32 pe64

Last synced: 07 Apr 2026

https://github.com/adamhlt/cave-finder

Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files

codecave cpp pe winapi windows windows-internals

Last synced: 07 May 2025

https://github.com/adamhlt/basic-rootkit

POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files

dll pe ring3 rootkit winapi

Last synced: 07 May 2025

https://github.com/njsmith/machomachomangler

Tools for mangling Mach-O and PE binaries

mach-o pe python shared-libraries

Last synced: 05 Sep 2025

https://github.com/blockhorizons/factionspe

Most advanced factions plugin for PocketMine-MP

faction massivecraft mcpe mcpe-plugin minecraft pe plugin pocketmine

Last synced: 23 Oct 2025

https://github.com/ergrelet/scylla

Fork of Scylla with additional fixes and Python bindings.

cpp dump iat imports pe python scylla unpack windows

Last synced: 27 Apr 2025

https://github.com/fcharlie/buna

An interesting executable file parsing library written by Golang

elf golang macho pe

Last synced: 25 Mar 2025

https://github.com/egebalci/mappe

PE file mapping and manipulation package.

loader parser pe

Last synced: 12 May 2025

https://github.com/andreiw/tinycc

My tinycc fork: hopefully, better OSX support, EFI targets, and ???

efi macho osx pe tcc tinycc uefi

Last synced: 04 Mar 2026

https://github.com/kubkon/zcoff

Like dumpbin.exe but cross-platform

coff dumpbin pe zig

Last synced: 17 Mar 2025

https://github.com/hupe1980/gopwn

Golang CTF framework and exploit development module

binary cave ctf ctf-framework elf exploit golang macho pe shellcode

Last synced: 16 Apr 2025

https://github.com/0xyg3n/mem64

Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.

executable memory-payload native pe

Last synced: 11 Apr 2025

https://github.com/jet2jet/pe-library-js

Provides parsing and generating Portable Executable binaries

javascript javascript-library nodejs pe pe-format portable-executable

Last synced: 22 Jan 2026

https://github.com/malwarekid/fileless-pe

Python program Fileless-PE.py generates a Python script (PEloader.py) to load a DLL or EXE file from a given URL. It provides functionality to specify a method to execute if the file is a DLL. The script utilizes the pythonmemorymodule library for memory manipulation.

dll exe fileless in-memory loader malware memory-execution pe python script trojan virus

Last synced: 06 Jul 2025

https://github.com/vweevers/win-version-info

Windows-only native addon to read version info from executables.

exe metadata nodejs pe windows

Last synced: 21 Jun 2025

https://github.com/macmod/malkom

Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.

binary-analysis clustering elf elf-binaries graph graphviz malware malware-analysis pe pe-binaries python research reverse-engineering visualization

Last synced: 31 Jul 2025

https://github.com/iseki0/executables

Library for executable/object files parsing(include PE version info, virtual memory), in Kotlin multiplatform.

exe fileformat kotlin kotlin-multiplatform pe pefile

Last synced: 16 Jan 2026

https://github.com/seekbytes/microscope

Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis

binary-analysis elf pe ransomware static-analysis

Last synced: 12 Jul 2025

https://github.com/d3dave/cough

Write COFF object files from Python

build coff development obj pe python python-3 python3

Last synced: 01 Apr 2026

https://github.com/fkie-cad/headerparser

Header information parser for PE, ELF, DEX, MachO, ZIP (JAR, DocX).

binary dex elf header linux macho parser pe windows zip

Last synced: 07 Sep 2025

https://github.com/orcastor/fico

🔬【FileICOn】从文件提取图标(支持图片[bmp/gif/jpg/jpeg/jp2/jpeg2000/png/tiff]、图标[ico/icns]、Windows可执行文件[exe/dll]、资源文件[mui/mun]、Linux可执行文件[*.desktop{*.AppImage/*.run}]、手机应用安装包[apk/ipa]、Windows文件夹图标[autorun.inf/desktop.ini]、MacOSX程序[*.app])Extract icon from file or directory.

dll exe icns ico icon icon-extractor image pe png zip

Last synced: 17 Jan 2026

https://github.com/iartorias/debug_remover

A tiny tool to strip the debug info from Windows binary files.

cpp cpp17 debug pe pe-binaries

Last synced: 14 Jun 2025

https://github.com/williamvenner/linkstore

Rust crate for embedding, manipulating and retrieving data embedded in binaries using linker sections

ar binaries binary coff drm elf executable fingerprint fingerprinting linker linking mach-o macho pe program rust steganography

Last synced: 01 Apr 2025

https://github.com/phax/gt

GetTyp/GetType/GT2 - legacy file format detector

c-plus-plus commandline exe file file-format file-format-detection pe pe-format portable-executable

Last synced: 26 Oct 2025

https://github.com/rickmark/peiutil

Tool to convert UEFI images from PEI (TE or VZ files) to PE for analysis

disassembler efi firmware pe pei vzl

Last synced: 19 Jul 2025

https://github.com/koczkatamas/checksec-js

Check various security hardening features on ELF, PE and Mach-O binaries

aslr binary canary checksec elf hardening mach-o pe pie relro rpath runpath stack-protector

Last synced: 09 Apr 2025

https://github.com/opengene/pecheck

check paired-end FASTQ data integrity

bioinformatics check consistence fastq identical illumina integrity paired-end pe

Last synced: 30 Jun 2025

https://github.com/winscripter/ilsourceparser

Provides functionality for parsing ECMA-335 Microsoft Intermediate Language (IL) syntax to a syntax tree.

ast cil common-intermediate-language csharp dotnet ecma335 il intermediate-language msil netcore parser pe syntax

Last synced: 09 Apr 2025

https://github.com/renarddev/renjack

Renard Injector (PE section injector with hooks)

cpp injector pe reverse-engineering

Last synced: 05 Oct 2025

https://github.com/empyreal96/pe-viewer-uwp

A small basic app to read information from EXE and DLL files, made in UWP for my own learning experiment

executable-viewer pe pe-viewer portable-executable uwp-app w10m windows

Last synced: 20 Jun 2025

https://github.com/diananites/nupe

Pure Rust PE Read/Write Library

pe portable-executable rust

Last synced: 08 May 2025

https://github.com/realtriassic/geyserdebuginfo

A Geyser extension that strives to provide F3-like debug information for Minecraft: Bedrock Edition players.

bedrock bedrock-to-java geyser geyser-extension geysermc hacktoberfest java packet pe

Last synced: 02 May 2025

https://github.com/mauricelambert/peinjector

This python tool injects shellcode in Windows Program Executable to backdoor it with optional polymorphism.

backdoor injection pe pe-injector polymorphism shellcode

Last synced: 17 Mar 2026

https://github.com/dkxce/significatepe

SignificatePE - Significator for Exe, Dll, MSI (signtool analog) with build-in TSP Server

certificate dkxce dll exe msi pe pfx sign signature signcode significate significator signtool

Last synced: 02 Sep 2025

https://github.com/nightfall-security/dump

dump section of a PE & display it properly

cpp dump pe sec windows

Last synced: 11 Apr 2025

https://github.com/jmcph4/peek

PEek is a simple PE file viewer.

binary-analysis c executable malware-analysis pe pe-file tool tools windows

Last synced: 20 May 2026

https://github.com/p0dalirius/sortpebyversions

A Python script to sort Portable Executable (PE) files by their version and download debug symbols if existing.

archive files pe research sort

Last synced: 03 Sep 2025

https://github.com/dmtai/wdpe

wdpe is a library for writing data to signed PE files(exe/dll/etc.) without invalidating or damaging the authenticode digital signature of the file

modification pe portable-executable reverse-engineering

Last synced: 13 May 2025

https://github.com/dsuarezv/pewalker

A playground to test PE file structures (Portable Executable)

authenticode csharp pe pef portable-executable

Last synced: 12 Jul 2025

https://github.com/zhuagenborn/windows-tiny-pe

🗜️ A 208-byte, manually created tiny Windows x86 PE file that can run on Windows XP and pop up a message box.(手动创建的微型Windows x86可执行文件,仅为208字节,可以在Windows XP运行并弹出消息框。)

pe reverse-engineering windows

Last synced: 13 May 2026

https://github.com/sebescudie/vl.penet

A partial vvvv wrapper of the excellent PeNet, a Portable Executable parser for .NET. Built for learning purposes!

malware-analysis pe vvvv

Last synced: 03 Sep 2025

https://github.com/mistuke/binutils-gdb

Fork of binutils optimised for native and fast Windows I/O use.

binutils linker optimization pe windows

Last synced: 30 Jul 2025

https://github.com/ibadr49/portfolio-v2

Dit betreft mijn geüpdatete persoonlijke portfolio v2

pe performance svelte toegankelijkheid

Last synced: 24 Jan 2026