PE-sieve

PE-sieve scans a given process, searching for the modules containing in-memory code modifications. When found, it dumps the modified PE.
Detects inline hooks, hollowed processes etc.

uses library: https://github.com/hasherezade/libpeconv.git

Clone:

Use recursive clone to get the repo together with the submodule:

git clone --recursive https://github.com/hasherezade/pe-sieve.git

Latest builds*:

*those builds are available for testing and they may be ahead of the official release:

Name		Name	Last commit message	Last commit date
Latest commit History 345 Commits
include		include
libpeconv @ 02ac4d0		libpeconv @ 02ac4d0
logo		logo
scanners		scanners
utils		utils
.appveyor.yml		.appveyor.yml
.gitmodules		.gitmodules
CMakeLists.txt		CMakeLists.txt
LICENSE		LICENSE
README.md		README.md
dll_main.cpp		dll_main.cpp
main.cpp		main.cpp
main.def		main.def
pe_sieve.cpp		pe_sieve.cpp
pe_sieve.h		pe_sieve.h
report_formatter.cpp		report_formatter.cpp
report_formatter.h		report_formatter.h
results_dumper.cpp		results_dumper.cpp
results_dumper.h		results_dumper.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

PE-sieve

Clone:

Latest builds*:

About

Releases

Packages

Languages

License

baranpirincal/pe-sieve

Folders and files

Latest commit

History

Repository files navigation

PE-sieve

Clone:

Latest builds*:

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages