Lib.rs

#memory #win-sdk #windows

erase-pe-header

This library helps you to overwrite the portable-executable header with zeroes

by Robin Lindner

1 unstable release

0.1.0 Jan 24, 2020

#5 in #win-sdk

MIT license

4KB

erase-pe-header

This crate overwrites the PE header in memory with nulls. This can trick some antivirus & analysis software and it could be useful in malware creation. This crate was not created with malicious intent but for educational purposes. (Only works on windows)

This crate was adapted from C++ Source.

Example

fn main() {
    if cfg!(target_os = "windows") {
        unsafe { erase_pe_header::erase_pe_header() };
    }
    println!("Hello world");
}

lib.rs:

This library overwrites the PE header in memory with nulls. This can trick some antivirus & analysis software. This library was not created with malicious intent but for educational purposes.

Dependencies

~175KB