issues
search
hasherezade
/
pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
https://hshrzd.wordpress.com/pe-sieve/
BSD 2-Clause "Simplified" License
3.01k
stars
421
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
JSON Unescaped back slashes
#13
Neo23x0
closed
6 years ago
3
Duplicated reporting: code section of the implanted PE file is additionally reported as shellcode
#12
hasherezade
closed
6 years ago
0
Provide backward compatibility with Windows XP
#11
hasherezade
closed
6 years ago
1
Logo design
#10
baranpirincal
closed
6 years ago
0
Logo proposal for PE-SIEVE
#9
baranpirincal
closed
6 years ago
29
Bug in path interpretation (in MappingScanner)
#8
hasherezade
closed
6 years ago
0
Recognizing and reconstrucing a PE with partialy erased headers
#7
hasherezade
closed
5 years ago
0
Python bindings
#6
dnides
closed
1 year ago
3
Find manually loaded PE files that are not aligned to the begining of a page
#5
hasherezade
closed
6 years ago
0
Whitelisting known hooks
#4
hasherezade
opened
6 years ago
3
Make PE dump optional
#3
Neo23x0
closed
6 years ago
0
Please remove the "pause" to make it more flexible
#2
Neo23x0
closed
6 years ago
0
Integration in LOKI
#1
Neo23x0
closed
2 years ago
34
Previous