PE-sieve 0.2

Published by

PE-sieve can scan running processes on your computer to detect memory code modifications. This can be especially useful for finding malware running on your computer.
PE-sieve can scan running processes on your computer to detect memory code modifications. This can be especially useful for finding malware running on your computer.

PE-sieve isn't exactly a name that rolls off the tongue and possibly for a good reason. Pc-sieve is for advanced users especially those with command-prompt knowledge, target ID's and processes.

Pe-sieve will take any process you specify and look for in-memory implants in the executable and DLL files including modified PE's, shellcodes, inline hooks, patches, and more.

Double-click on the portable executable, and there is a short description as well as a list of switches.

To scan a process, open the

 Download