Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
-
Updated
Jun 6, 2026 - C++
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
A fully static Roblox Client Decryptor
Generic Themida/WinLicense payload extractor. Launches protected PE as suspended process, detects section decryption, dumps unpacked binary with fixed headers, and scans process memory for IOCs. Supports EXE and DLL targets (x86/x64).
VMProtect payload extractor with IAT reconstruction. Monitors section unpacking, dumps PE with fixed headers, reconstructs imports via module export enumeration, and scans heap for IOCs. Supports EXE and DLL targets (x86/x64).
M3MX Unified memory forensics workbench powered by Volatility manual & automated analysis, MITRE ATT&CK mapping, and an AI agent, all in your browser.
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Add a description, image, and links to the pe-dumper topic page so that developers can more easily learn about it.
To associate your repository with the pe-dumper topic, visit your repo's landing page and select "manage topics."