Malware Analysis

PE-sieve

Process scanner for finding injected, replaced, or suspicious executable code in memory.

malwareprocessinjectionmemorywindowsforensics

Best For

Use in malware labs and incident-response exercises to understand process injection artifacts.

Responsible Use

Use this tool only in owned environments, classroom labs, CTFs, or engagements where you have explicit written permission. Keep notes focused on findings, risk, and remediation.

Official Resource

https://github.com/hasherezade/pe-sieve