Comment on page

PE Files

Examine Static Properties


Perform static analysis of suspicious PE files.
Website: Author: Ivan Kwiatkowski: License: GNU General Public License (GPL) v3: Notes: Run "manalyze" to invoke the tool. To update the tool's Yara rules to include ClamAV, run "sudo /usr/local/manalyze/yara_rules/". To query VirusTotal, add your API key to /usr/local/manalyze/manalyze.conf. State File:


Automatically rank strings based on their relevance to the analysis of suspicious Windows executables.
Website: Author: FireEye Inc. License: Apache License 2.0: Notes: flarestrings State File: remnux.python3-packages.stringsifter


Statically analyze PE and Microsoft Office files.
Website: Author: Gianni Amato: License: Free, unknown license Notes: peframe State File: remnux.python3-packages.peframe

Read and set DLL characteristics of a PE file.


Python library for analyzing static properties of PE files.

PE Tree

Examine contents and structure of PE files.


Statically analyze PE files and extract their components (e.g., resources).
Website: Author: Andrey "Zed" Zaikin License: MIT License: State File: remnux.rubygems.pedump


Analyze static properties of PE files.
Website: Author: Didier Stevens: License: Public Domain Notes: State File: remnux.scripts.pecheck


Analyze PE files and extract strings from them
Website: Author: Fernando Merces, Jardel Weyrich License: GNU General Public License (GPL) v2: Notes: pestr, readpe, pedis, pehash, pescan, peldd, peres State File: remnux.packages.pev


Statically analyze PE files.


Parse PE file contents.
Website: Author: hasherezade: License: BSD 2-Clause "Simplified" License: Notes: bearcommander State File: remnux.packages.bearparser


Remove junk contents from bloated Windows executables.
Website: Author: Squiblydoo: License: BSD 3-Clause License: Notes: Run the command-line version as debloat or the GUI version as debloat-gui State File: remnux.python3-packages.debloat
Last modified 3mo ago