PE-sieve - Related Programs

PE-sieve 0.3.3 Detect malware running on the system

PE-sieve 0.3.3

  • Evaluate:
    12345
    51 Rated
  • Operating system:
    Windows XP, Vista, 7, 8, 10, 11
  • Language: English
  • Version: 0.3.3
  • Latest updated:
  • License: Freeware
  • Publisher: hasherezade
  • File size: 1 Mb
  • Download: 448

Download PE-sieve 0 for Windows XP, Vista, 7, 8, 10, 11 - A tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis

PE-sieve is a tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps variety of implants within the scanned process: replaced/injected PEs, shellcodes, hooks, and other in-memory patches. Detects inline hooks, Process Hollowing, Process Doppelgänging, Reflective DLL Injection, etc.

image

PE-sieve - Detect malware running on the system

PE-sieve is meant to be a light-weight engine dedicated to scan a single process at the time. It can be built as an EXE or as a DLL. The DLL version exposes a simple API and can be easily integrated with other applications.

To scan a process, open the Command Prompt or PowerShell as admin. Find the process and target Id and use the included help to type in what you need. Typically, you will start with pe-sieve32 or pe-sieve64, and the target id is required, for example, /PID 3807. In other words, your basic entry will be something similar to "pe-sieve64 /PID 3807." From here, again, be sure to check for all the other available switches.

Comment:
Write a comment
Top alternative apps [Freeware]:
Top alternative apps [Shareware]: