Dumper can easily extract PE files in the memory of the target process

These details have not been verified by PyPI

Project description

pedumper

pedumper can easily dump PE files within memory.

Installation

pip install pedumper

How to use

C:\Users\user\Desktop>pedumper -p 24532
[!] Found a PE file in the target memory
[*] Address     : 0x133f8e80000
[*] Region      : 0x133f8e80000 - 0x133f8eb7000
[*] Protect     : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type        : 0x20000 (MEM_PRIVATE)
[*] State       : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e80000.exe

[!] Found a PE file in the target memory
[*] Address     : 0x133f8e9b800
[*] Region      : 0x133f8e80000 - 0x133f8eb7000
[*] Protect     : 0x40 (PAGE_EXECUTE_READWRITE)
[*] Type        : 0x20000 (MEM_PRIVATE)
[*] State       : 0x1000 (MEM_COMMIT)
[!] Saved the found PE to 0x133f8e9b800.exe

Project details

These details have not been verified by PyPI

Release history Release notifications | RSS feed

This version

1.3.0

Dec 16, 2022

1.2.0

Dec 15, 2022

1.1.0

Dec 15, 2022

1.0.0

Dec 14, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pedumper-1.3.0.tar.gz (4.0 kB view details)

Uploaded Dec 16, 2022 Source

File details

Details for the file pedumper-1.3.0.tar.gz.

File metadata

Download URL: pedumper-1.3.0.tar.gz
Upload date: Dec 16, 2022
Size: 4.0 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.11.1

File hashes

Hashes for pedumper-1.3.0.tar.gz
Algorithm	Hash digest
SHA256	`cf330dd3a4998e69e39851a3838cb15e36022dc9fe11b97aee407211ff2fe00d`
MD5	`93370a1d45a15f5628f4feaa608074fe`
BLAKE2b-256	`021df5b3d75ca48c61dec450a82e7257f3f762730ec89c66fcf31253cbae4984`

See more details on using hashes here.

pedumper 1.3.0

Navigation

Verified details

Maintainers

Unverified details

Meta

Classifiers