erase-pe-header
| Crates.io | erase-pe-header |
| lib.rs | erase-pe-header |
| version | 0.1.0 |
| source | src |
| created_at | 2020-01-24 17:51:18.721056 |
| updated_at | 2020-01-24 17:51:18.721056 |
| description | This library helps you to overwrite the portable-executable header with zeroes. |
| homepage | |
| repository | https://github.com/DeepRobin/erase-pe-header |
| max_upload_size | |
| id | 201585 |
| size | 3,477 |
Robin Lindner (deeprobin)
documentation
https://docs.rs/erase-pe-header/
README
erase-pe-header
This crate overwrites the PE header in memory with nulls. This can trick some antivirus & analysis software and it could be useful in malware creation. This crate was not created with malicious intent but for educational purposes. (Only works on windows)
This crate was adapted from C++ Source.
Example
fn main() {
if cfg!(target_os = "windows") {
unsafe { erase_pe_header::erase_pe_header() };
}
println!("Hello world");
}