Project description

pedumper

pedumper can easily dump PE files within memory.

Installation

pip install pedumper

How to use

C:\Users\user\Desktop>pedumper -p 24532
[!] Found a PE file in the target memory
[*] Address     : 0x133f8e80000
[*] Region      : 0x133f8e80000 - 0x133f8eb7000
[*] Protect     : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type        : 0x20000 (MEM_PRIVATE)
[*] State       : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e80000.exe

[!] Found a PE file in the target memory
[*] Address     : 0x133f8e9b800
[*] Region      : 0x133f8e80000 - 0x133f8eb7000
[*] Protect     : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type        : 0x20000 (MEM_PRIVATE)
[*] State       : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e9b800.exe

Project details

These details have not been verified by PyPI

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

1.3.0

Dec 16, 2022

1.2.0

Dec 15, 2022

1.1.0

Dec 15, 2022

1.0.0

Dec 14, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pedumper-1.3.0.tar.gz (4.0 kB view hashes)

Uploaded Dec 16, 2022 Source

Hashes for pedumper-1.3.0.tar.gz

Hashes for pedumper-1.3.0.tar.gz
Algorithm	Hash digest
SHA256	`cf330dd3a4998e69e39851a3838cb15e36022dc9fe11b97aee407211ff2fe00d`
MD5	`93370a1d45a15f5628f4feaa608074fe`
BLAKE2b-256	`021df5b3d75ca48c61dec450a82e7257f3f762730ec89c66fcf31253cbae4984`