sQuo Posted July 25, 2014 Share Posted July 25, 2014 This is the hidden content, please Sign In or Sign Up Description pev is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for proper analyze binaries, specially the suspicious ones. Features Based on own PE library, called libpe Support for PE32 and PE32+ (64-bit) files Formatted output in text and CSV (other formats in development) pesec: check security features in PE files, extract certificates and more readpe: parse PE headers, sections, imports and exports pescan: detect TLS callback functions, DOS stub modification, suspicious sections and more pedis: disassembly a PE file section or function with support for Intel and AT&T syntax Include tools to convert RVA from file offset and vice-versa pehash: calculate PE file hashes pepack: detect if an executable is packed or not pestr: search for hardcoded Unicode and ASCII strings simultaneously in PE files peres: show and extract PE file resources [HIDE-THANKS] This is the hidden content, please Sign In or Sign Up [/HIDE-THANKS] Link to comment Share on other sites More sharing options...
Recommended Posts