pev is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for proper analyze binaries, specially the suspicious ones.
Go to https://github.com/merces/pev for most up to date code!
Cloudbased voice solutions are common in enterprise networks and frustrating for operations teams to manage. Simplify VoIP monitoring by having a proactive analysis of on-prem, hybrid and UCaaS voice services. Try the ThousandEyes VoIP monitoring solution today, free.
Post Views:
437
| Website |
http://pev.sf.net |
| Tags |
Anti-MalwareSecuritySoftware Development |
| License |
GNU General Public License version 2.0 (GPLv2)
|
| Features |
- Based on own PE library, called libpe
- Support for PE32 and PE32+ (64-bit) files
- Formatted output in text and CSV (other formats in development)
- pesec: check security features in PE files, extract certificates and more
- readpe: parse PE headers, sections, imports and exports
- pescan: detect TLS callback functions, DOS stub modification, suspicious sections and more
- pedis: disassembly a PE file section or function with support for Intel and AT&T syntax
- Include tools to convert RVA from file offset and vice-versa
- pehash: calculate PE file hashes
- pepack: detect if an executable is packed or not
- pestr: search for hardcoded Unicode and ASCII strings simultaneously in PE files
- peres: show and extract PE file resources
|