3missedcalls / pe-sieve Goto Github PK
View Code? Open in Web Editor NEWThis project forked from hasherezade/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Home Page: https://hshrzd.wordpress.com/pe-sieve/
License: BSD 2-Clause "Simplified" License