PE-sieve 0.3.9
|
Author:
hasherezade
Date: 02/25/2024 Size: 1 MB License: Freeware Requires: 11|10|8|7 Downloads: 12551 times 
TIP:
Click Here to Repair orRestore Missing Windows Files |
Major Geeks Special Offer:
PE-sieve is an Open Source app that can scan running processes on your computer to detect memory code modifications. This functionality can be beneficial for finding malware running on your computer.
PE-sieve isn't exactly a name that rolls off the tongue, possibly for a good reason. Pc-sieve is for advanced users, especially those with command-prompt knowledge, target ID's, and processes.
Pe-sieve will take any process you specify and look for in-memory implants in the executable and DLL files, including modified PEs, shellcodes, inline hooks, patches, and more.
Double-click on the portable executable; there is a short description and a list of switches.
To scan a process, open the Command Prompt or PowerShell as admin. Find the process and target Id and use the included help to type in what you need. Typically, you will start with pe-sieve32 or pe-sieve64, and the target id is required, for example, /PID 3807. In other words, your basic entry will be something similar to "pe-sieve64 /PID 3807." From here, again, be sure to check for all the other available switches.
Further information and videos are available on the home page.
Similar:
How to Identify Processes or Services on Your Computer
How to Save a Text File of All Running Processes With TaskList
How to Restore or Verify Default Services in Windows 7, 8, 10, and 11
How-To Customize Process Information Viewed in Task Manager
PE-sieve isn't exactly a name that rolls off the tongue, possibly for a good reason. Pc-sieve is for advanced users, especially those with command-prompt knowledge, target ID's, and processes.
Pe-sieve will take any process you specify and look for in-memory implants in the executable and DLL files, including modified PEs, shellcodes, inline hooks, patches, and more.
Double-click on the portable executable; there is a short description and a list of switches.
To scan a process, open the Command Prompt or PowerShell as admin. Find the process and target Id and use the included help to type in what you need. Typically, you will start with pe-sieve32 or pe-sieve64, and the target id is required, for example, /PID 3807. In other words, your basic entry will be something similar to "pe-sieve64 /PID 3807." From here, again, be sure to check for all the other available switches.
Further information and videos are available on the home page.
Similar:
Screenshot for PE-sieve
Tactical Briefings
Comment Rules & Etiquette - We welcome all comments from our readers, but any comment section requires some moderation. Some posts are auto-moderated to reduce spam, including links and swear words. When you make a post, and it does not appear, it went into moderation. We are emailed when posts are marked as spam and respond ASAP. Some posts might be deleted to reduce clutter. Examples include religion, politics, and comments about listing errors (after we fix the problem and upvote your comment). Finally, be nice. Thank you for choosing MajorGeeks.
© 2000-2024 MajorGeeks.com
Powered by Contentteller® Business Edition