PE Files
Examine Static Properties
Perform static analysis of suspicious PE files.
Website:
Author: Ivan Kwiatkowski
License: GNU General Public License (GPL) v3
Notes: Run "manalyze" to invoke the tool. To update the tool's Yara rules to include ClamAV, run "sudo /usr/local/manalyze/yara_rules/update_clamav_signatures.py". To query VirusTotal, add your API key to /usr/local/manalyze/manalyze.conf.
State File:

Automatically rank strings based on their relevance to the analysis of suspicious Windows executables.
Website:
Author: FireEye Inc.
License: Apache License 2.0
Notes: flarestrings
State File:

Statically analyze PE and Microsoft Office files.
Website:
Author: Gianni Amato
License: Free, unknown license
Notes: peframe
State File:

Read and set DLL characteristics of a PE file.
Website:
Author: Karlo Licudine
License: GNU General Public License (GPL) v3.0
State File:

Python library for analyzing static properties of PE files.
Website:
Author: Ero Carrera
License: MIT License
Notes:
State File:

Examine contents and structure of PE files.
Website:
Author: BlackBerry Limited and Tom Bonner
License: Apache License 2.0
Notes: pe-tree
State File:

Statically analyze PE files and extract their components (e.g., resources).
Website:
Author: Andrey "Zed" Zaikin
License: MIT License
State File:

Analyze static properties of PE files.
Website:
Author: Didier Stevens
License: Public Domain
Notes: pecheck.py
State File:

Analyze PE files and extract strings from them.
Website:
Author: Fernando Merces, Jardel Weyrich
License: GNU General Public License (GPL) v2
Notes: pestr, readpe, pedis, pehash, pescan, peldd, peres
State File:

Statically analyze PE files.
Website:
Author: Karsten Hahn
License: Apache License 2.0
Notes: portex
State File:

Parse PE file contents.
Website:
Author: hasherezade
License: BSD 2-Clause "Simplified" License
Notes: bearcommander
State File:

Remove junk contents from bloated Windows executables.
Website:
Author: Squiblydoo: https://twitter.com/SquiblydooBlog
License: BSD 3-Clause License: https://github.com/Squiblydoo/debloat/blob/main/LICENSE
Notes: Run the command-line version as debloat or the GUI version as debloat-gui.
State File: