首页
社区
课程
招聘
[转帖]Pev 0.70 by Fernando Mercês
发表于: 2014-1-3 13:19 1276

[转帖]Pev 0.70 by Fernando Mercês

2014-1-3 13:19
1276
Pev 0.70 by Fernando Mercês
Pev is a multiplatform PE analysis toolkit that includes tools to retrieve and parsing information about Windows PE files.

* pehash - calculate PE file hashes
* pedis - PE disassembler
* pepack - packer detector
* pescan - search for suspicious things in PE files, including TLS callbacks
* pesec - check security features in PE files
* pestr - search for unicode and ascii strings in PE files
* readpe - show PE file headers, sections and more
* rva2ofs - convert RVA to raw file offsets
* ofs2rva - convert raw file offsets to RVA

The main points are:

- No need for Windows API. We use our own PE library called libpe.
- Tested on Windows, Linux and OS X.
- Support for 32 and 64-bit PE files.
- Written entirely in C, using C99 standard. So, it's multiplatform.
- Fully scriptable. All pev tools uses CLI and produces outputs in clear text and CSV (HTML, XML and JSON in development).

http://pev.sourceforge.net/


[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

上传的附件:
收藏
免费 1
支持
分享
最新回复 (0)
游客
登录 | 注册 方可回帖
返回
//