PE-sieve

PE-sieve scans a given process, searching for the modules containing in-memory code modifications. When found, it dumps the modified PE. Detects inline hooks, hollowed processes, Process Doppelgänging etc. Can be used for unpacking malware.

We know about 2 alternatives to PE-sieve. You can find them below. The top competitors are: Process Dump and LiveDump.

PE-sieve Alternatives

PE-sieve alternatives based on verified products, community votes, reviews and similar products.

5

/process-dump-alternatives

PD

Process Dump

↔ PE-sieve

Dumps memory components from specific processes or from all processes currently running. Supports creation and use of a clean-hash database, so that dumping of all the clean files such as kernel32.dll can be skipped.

Open Source
3

/livedump-alternatives

LiveDump

↔ PE-sieve

Process memory dumper

Suggest an alternative

If you think we've missed something, please suggest an alternative to PE-sieve.

PE-sieve

PE-sieve scans a given process, searching for the modules containing in-memory code modifications. When found, it dumps the modified PE. Detects inline hooks, hollowed processes, Process Doppelgänging etc. Can be used for unpacking malware.

PE-sieve Alternatives

PE-sieve alternatives based on verified products, community votes, reviews and similar products.

Process Dump

LiveDump

PE-sieve discussion