mentebinaria Posted November 6, 2012

Hello guys!

I'd like to share with you an open source project for PE analysis called pev -- http://pev.sourceforge.net

It's a multiplatform toolkit with some tools to work with PE files. Actually we have the following tools:

* pehash - calculate PE file hashes
* pedis - PE disassembler
* pepack - packer detector
* pescan - search for suspicious things in PE files, including TLS callbacks
* pesec - check security features in PE files
* pestr - search for unicode and ascii strings in PE files
* readpe - show PE file headers, sections and more
* rva2ofs - convert RVA to raw file offsets
* ofs2rva - convert raw file offsets to RVA

The main points are:

- No need for Windows API. We use our own PE library called libpe.
- Tested on Windows, Linux and OS X.
- Support for 32 and 64-bit PE files.
- Written entirely in C, using the C99 standard. So, it's multiplatform.
- Fully scriptable. All pev tools use CLI and produce output in clear text and CSV (HTML, XML and JSON in development).

Your ideas, suggestions and comments will be very helpful to improve the existing tools, write new tools etc. I'll really appreciate it if you can test it and send me feedback.

We also need help with many tasks, including non-programming tasks, so if you have some free time and want to contribute, please let me know.

Thank you!