PE-sieve

PE-sieve is a specialized open-source security tool designed for the detection of malware signs in memory, such as hollowing, hooks, or other suspicious code patches. It was developed by the cybersecurity researcher known as hasherezade, who is recognized globally for contributing to malware analysis and decryption tools. The software is widely used by researchers and incident responders to automate the identification of implants in running processes.

As an open-source project, PE-sieve does not have a traditional corporate manufacturing origin but is instead developed and maintained primarily in Poland. It remains an independent utility available via platforms like GitHub, where its source code is accessible for public audit and collaborative improvement. The project has become a standard in the toolkit of memory forensics professionals due to its ability to dump detected artifacts for further analysis.

Ownership of the brand and software resides with the original creator. There is no corporate ultimate owner or subsidiary involvement, as the tool is offered as a community-driven project under an open-source license. This ensures the tool remains neutral and accessible to the global cybersecurity community.