PE Files
Examine Static Properties


Perform static analysis of suspicious PE files.
Website: Author: Ivan Kwiatkowski: License: GNU General Public License (GPL) v3: Notes: Run "manalyze" to invoke the tool. To update the tool's Yara rules to include ClamAV, run "sudo /usr/local/manalyze/yara_rules/". To query VirusTotal, add your API key to /usr/local/manalyze/manalyze.conf. State File:​


Automatically rank strings based on their relevance to the analysis of suspicious Windows executables.
Website: Author: FireEye Inc. License: Apache License 2.0: Notes: flarestrings State File: remnux.python3-packages.stringsifter​


Statically analyze PE and Microsoft Office files.
Website: Author: Gianni Amato: License: Free, unknown license Notes: peframe State File: remnux.python3-packages.peframe​

Read and set DLL characteristics of a PE file.


Python library for analyzing static properties of PE files.

PE Tree

Examine contents and structure of PE files.


Statically analyze PE files and extract their components (e.g., resources).
Website: Author: Andrey "Zed" Zaikin License: MIT License: State File: remnux.rubygems.pedump​


Analyze static properties of PE files.
Website: Author: Didier Stevens: License: Public Domain Notes: State File: remnux.scripts.pecheck​


Analyze PE files and extract strings from them
Website: Author: Fernando Merces, Jardel Weyrich License: GNU General Public License (GPL) v2: Notes: pestr, readpe, pedis, pehash, pescan, peldd, peres State File: remnux.packages.pev​


Statically analyze PE files.
Website: Author: Karsten Hahn: License: Apache License 2.0: Notes: portex State File: remnux.packages.portex​


Parse PE file contents.
Website: Author: hasherezade: License: BSD 2-Clause "Simplified" License: Notes: bearcommander State File: remnux.packages.bearparser​
Last modified 10mo ago