hasherezade / pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
https://hshrzd.wordpress.com/pe-sieve/
BSD 2-Clause "Simplified" License
3.03k stars 423 forks

Query on supported architectures #129

Open sridhard opened 1 month ago

sridhard commented 1 month ago

Hi,

Does pe-sieve support 32-bit and 64-bit architectures? Also, Windows has now started supporting ARM. Does pe-sieve support ARM?

Thanks

hasherezade commented 1 month ago

Hi @sridhard! Yes, PE-sieve supports both 32-bit and 64-bit (Intel). Just download the version relevant to the bitness of your system (the 64-bit PE-sieve will scan 32-bit processes just fine). Regarding ARM, it is on my TODO list to add the support, but it is not implemented yet.