The Backdoor FactoryPatch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Runpe In MemoryRun a Exe File (PE Module) in memory (like an Application Loader)
DllspyDLL Hijacking Detection Tool
Checksec.pyChecksec tool in Python, Rich output. Based on LIEF
GeyserA bridge/proxy allowing you to connect to Minecraft: Java Edition servers with Minecraft: Bedrock Edition.
Iat patcherPersistent IAT hooking application - based on bearparser
Windows SecurityResources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.
XpeviewerPE file viewer/editor for Windows, Linux and MacOS.
FilebytesLibrary to read and edit files in the following formats: Executable and Linking Format (ELF), Portable Executable (PE), MachO and OAT (Android Runtime)
FloodgateHybrid mode plugin to allow for connections from Geyser to join online mode servers.
Artifacts KitPseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
App PeidPEiD detects most common packers, cryptors and compilers for PE files.
SigthiefStealing Signatures and Making One Invalid Signature at a Time
Win Version InfoWindows-only native addon to read version info from executables.
ManalyzeA static analyzer for PE executables.
AmberReflective PE packer.
GoblinAn impish, cross-platform binary parsing crate, written in Rust
Rop ToolA tool to help you write binary exploits
DissectionThe dissection of a simple "hello world" ELF binary.
BearparserPortable Executable parsing library (from PE-bear)
PenetPortable Executable (PE) library written in .Net
PepperPE (x86) and PE+ (x64) files viewer, based on libpe.
MiniNT5-Toolssmall Windows 10 (based on Windows PE) with customised tools
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
mem64Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
pelauncherPortable Executable launcher for Windows NT bypassing loader
linux-peCOFF and Portable Executable format described using standard C++ with no dependencies.
monetaMoneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
checksec.rsFast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
FactionsPEMost advanced factions plugin for PocketMine-MP