Releases: hasherezade/pe-sieve
Releases · hasherezade/pe-sieve
v0.0.9.7.5
Scans modules within a given process against:
- in-memory replacement (hollowing, doppleganging)
- code hooking/in-memory patching
Very basic working set scan (checks -WX pages for manually mapped modules).
Suspicious PE modules are dumped along with a JSON report about the indicators.