Pe-Sieve – Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)


PE-sieve is a lightweight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. It recognizes and dumps a variety of implants within the scanned process: replaced/injected PEs, shellcodes, hooks, and other in-memory patches.
It detects inline hooks, Process Hollowing, Process Doppelgänging, Reflective DLL Injection, and more.


Clone:
Use recursive clone to get the repo along with the submodule:

git clone --recursive https://github.com/hasherezade/pe-sieve.git

Latest builds*:
*These builds are available for testing, so they may be ahead of the official release.
