pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Homepage: https://hshrzd.wordpress.com/pe-sieve/
Current version: 0.3.5
Bucket: main
License: BSD-2-Clause
Installation
scoop install pe-sieve