search

PE Files

Examine Static Properties

hashtag
Manalyze

Perform static analysis of suspicious PE files.

Website: https://github.com/JusticeRage/Manalyzearrow-up-right Author: Ivan Kwiatkowski: https://x.com/JusticeRagearrow-up-right License: GNU General Public License (GPL) v3: https://github.com/JusticeRage/Manalyze/blob/master/LICENSE.txtarrow-up-right Notes: Run "manalyze" to invoke the tool. To update the tool's Yara rules to include ClamAV, run "sudo python3 /usr/share/manalyze/yara_rules/update_clamav_signatures.py". To query VirusTotal, add your API key to /etc/manalyze/manalyze.conf. State File: remnux.packages.manalyzearrow-up-right

hashtag
PEframe

Statically analyze PE and Microsoft Office files.

Website: https://github.com/digitalsleuth/peframearrow-up-right Author: Gianni Amato: https://x.com/guelfowebarrow-up-right License: Free, unknown license Notes: peframe State File: remnux.python3-packages.peframearrow-up-right

hashtag
dllcharacteristics.py

Read and set DLL characteristics of a PE file.

Website: https://github.com/accidentalrebel/dllcharacteristics.pyarrow-up-right Author: Karlo Licudine: https://x.com/accidentalrebelarrow-up-right License: GNU General Public License (GPL) v3.0: https://github.com/accidentalrebel/dllcharacteristics.py/blob/master/LICENSEarrow-up-right State File: remnux.scripts.dllcharacteristicsarrow-up-right

hashtag
pefile

Python library for analyzing static properties of PE files.

Website: https://github.com/erocarrera/pefilearrow-up-right Author: Ero Carrera: http://blog.dkbza.orgarrow-up-right License: MIT License: https://github.com/erocarrera/pefile/blob/master/LICENSEarrow-up-right Notes: https://github.com/erocarrera/pefile/blob/wiki/UsageExamples.md#introductionarrow-up-right State File: remnux.python3-packages.pefilearrow-up-right

hashtag
PE Tree

Examine contents and structure of PE files.

Website: https://github.com/blackberry/pe_treearrow-up-right Author: BlackBerry Limited: https://x.com/BlackBerrySparkarrow-up-right and Tom Bonner: https://x.com/thomas_bonnerarrow-up-right License: Apache License 2.0: https://github.com/blackberry/pe_tree/blob/master/LICENSEarrow-up-right Notes: pe-tree State File: remnux.python3-packages.pe-treearrow-up-right

hashtag
pedump

Statically analyze PE files and extract their components (e.g., resources).

Website: https://github.com/zed-0xff/pedumparrow-up-right Author: Andrey "Zed" Zaikin License: MIT License: https://github.com/zed-0xff/pedump/blob/master/LICENSE.txtarrow-up-right State File: remnux.rubygems.pedumparrow-up-right

hashtag
pev

Analyze PE files and extract strings from them.

Website: https://github.com/mentebinaria/readpearrow-up-right Author: Fernando Merces, Jardel Weyrich License: GNU General Public License (GPL) v2: https://github.com/mentebinaria/readpe/blob/master/LICENSEarrow-up-right Notes: pestr, readpe, pedis, pehash, pescan, peldd, peres State File: remnux.packages.pevarrow-up-right

hashtag
PortEx

Statically analyze PE files.

Website: https://github.com/katjahahn/PortExarrow-up-right Author: Karsten Hahn: https://x.com/struppigelarrow-up-right License: Apache License 2.0: https://github.com/katjahahn/PortEx/blob/master/LICENSEarrow-up-right Notes: portex State File: remnux.packages.portexarrow-up-right

hashtag
bearparser

Parse PE file contents.

Website: https://github.com/hasherezade/bearparser/wikiarrow-up-right Author: hasherezade: https://x.com/hasherezadearrow-up-right License: BSD 2-Clause "Simplified" License: https://github.com/hasherezade/bearparser/blob/master/LICENSEarrow-up-right Notes: bearcommander State File: remnux.packages.bearparserarrow-up-right

hashtag
debloat

Remove junk contents from bloated Windows executables.

Website: https://github.com/Squiblydoo/debloatarrow-up-right Author: Squiblydoo: https://x.com/SquiblydooBlogarrow-up-right License: BSD 3-Clause License: https://github.com/Squiblydoo/debloat/blob/main/LICENSEarrow-up-right Notes: Run the command-line version as debloat or the GUI version as debloat-gui State File: remnux.python3-packages.debloatarrow-up-right

hashtag
readpe (formerly pev)

Analyze PE files and extract strings from them.

Website: https://github.com/mentebinaria/readpearrow-up-right Author: Fernando Merces, Jardel Weyrich License: GNU General Public License (GPL) v2: https://github.com/mentebinaria/readpe/blob/master/LICENSEarrow-up-right Notes: readpe, pestr, pedis, pehash, pescan, pesec, peldd, pepack, peres, ofs2rva, rva2ofs State File: remnux.packages.pevarrow-up-right

hashtag
pecheck.py

Analyze static properties of PE files.

Website: https://blog.didierstevens.com/2020/03/15/pecheck-py-version-0-7-10/arrow-up-right Author: Didier Stevens: https://x.com/DidierStevensarrow-up-right License: Public Domain State File: remnux.scripts.didier-stevens-scriptsarrow-up-right

hashtag
disitool.py

Extract, delete, copy, and inject digital signatures in PE files.

Website: https://blog.didierstevens.com/programs/disitool/arrow-up-right Author: Didier Stevens: https://x.com/DidierStevensarrow-up-right License: Public Domain State File: remnux.scripts.didier-stevens-scriptsarrow-up-right

PreviousGeneralNextELF Files

Last updated