PE-Sieve

PE-Sieve is a handy tool you can add to your collection if you want to boost the security of your computer. It helps keep an eye on any malware trying to sneak into your system. This little command-line software can scan active PE processes to find out if there are any sneaky code changes happening in memory. These changes might mean that someone is trying to mess with your PC's defenses.

Easy Installation and Use

The best part? You don't even need to install it! PE-Sieve comes with two executable files for both x86 and x64 Windows systems. Just grab the one that fits your computer type, and you're good to go!

How It Works

To start using PE-Sieve, you'll use a simple syntax: /pid <target-pid>. This lets you specify the ID of the running process you want to scan. Once you run it, PE-Sieve will check all files linked to that process and give you a summary of what it found. You'll see details like how many items were scanned, hooked, modified, or suspicious.

Reports Made Easy

After scanning, you'll get a report saved as a JSON file automatically created in a subfolder named after the PID of the process. This makes it super easy to keep track of reports when you're checking multiple processes.

Optional Commands for Advanced Users

If you're feeling adventurous, there are some optional commands too! You can recover imports with /imp, but remember this might slow things down a bit. You can also filter scanned modules by 32-bit (/mfilter 1) or 64-bit (/mfilter 2) versions, plus filter dumped output with /ofilter.

Smooth Performance on Windows 10

We tested this console program on Windows 10, and it ran smoothly while performing scans quickly without hogging system resources.

Your Free Security Solution!

Overall, PE-Sieve is super helpful for boosting your system's security by scanning active processes for possible malware changes. And guess what? It's free and open-source! So if you're into coding or software development, feel free to check out its code or use it for your own projects. Ready to give it a try? Download PE-Sieve here!