PE Files
Examine Static Properties

Manalyze

Perform static analysis of suspicious PE files.
Website: https://github.com/JusticeRage/Manalyze
Author: Ivan Kwiatkowski: https://twitter.com/JusticeRage
License: GNU General Public License (GPL) v3: https://github.com/JusticeRage/Manalyze/blob/master/LICENSE.txt
Notes: Run "manalyze" to invoke the tool. To update the tool's Yara rules to include ClamAV, run "sudo /usr/local/manalyze/yara_rules/update_clamav_signatures.py". To query VirusTotal, add your API key to /usr/local/manalyze/manalyze.conf.
State File: remnux.tools.manalyze

StringSifter

Automatically rank strings based on their relevance to the analysis of suspicious Windows executables.
Website: https://github.com/fireeye/stringsifter
Author: FireEye Inc.
License: Apache License 2.0: https://github.com/fireeye/stringsifter/blob/master/LICENSE
Notes: flarestrings
State File: remnux.python3-packages.stringsifter

PEframe

Statically analyze PE and Microsoft Office files.
Website: https://github.com/guelfoweb/peframe
Author: Gianni Amato: https://twitter.com/guelfoweb
License: Free, unknown license
Notes: peframe
State File: remnux.python3-packages.peframe

dllcharacteristics.py

Read and set DLL characteristics of a PE file.

pefile

Python library for analyzing static properties of PE files.

PE Tree

Examine contents and structure of PE files.

pedump

Statically analyze PE files and extract their components (e.g., resources).
Website: https://github.com/zed-0xff/pedump
Author: Andrey "Zed" Zaikin
License: MIT License: https://github.com/zed-0xff/pedump/blob/master/LICENSE.txt
State File: remnux.rubygems.pedump

pecheck

Analyze static properties of PE files.
Website: https://blog.didierstevens.com/2020/03/15/pecheck-py-version-0-7-10/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
Notes: pecheck.py
State File: remnux.scripts.pecheck

pev

Analyze PE files and extract strings from them.
Website: http://pev.sourceforge.net
Author: Fernando Merces, Jardel Weyrich
License: GNU General Public License (GPL) v2: https://github.com/merces/pev/blob/master/LICENSE
Notes: pestr, readpe, pedis, pehash, pescan, peldd, peres
State File: remnux.packages.pev

PortEx

Statically analyze PE files.
Website: https://github.com/katjahahn/PortEx
Author: Karsten Hahn: https://twitter.com/struppigel
License: Apache License 2.0: https://github.com/katjahahn/PortEx/blob/master/LICENSE
Notes: portex
State File: remnux.packages.portex

bearparser

Parse PE file contents.
Website: https://github.com/hasherezade/bearparser/wiki
Author: hasherezade: https://twitter.com/hasherezade
License: BSD 2-Clause "Simplified" License: https://github.com/hasherezade/bearparser/blob/master/LICENSE
Notes: bearcommander
State File: remnux.packages.bearparser