[Repost] Pev 0.70 by Fernando Mercês
Posted: 2014-1-3 13:19 1276
Pev 0.70 by Fernando Mercês
Pev is a multiplatform PE analysis toolkit that includes tools to retrieve and parse information about Windows PE files.
* pehash - calculate PE file hashes
* pedis - PE disassembler
* pepack - packer detector
* pescan - search for suspicious things in PE files, including TLS callbacks
* pesec - check security features in PE files
* pestr - search for Unicode and ASCII strings in PE files
* readpe - show PE file headers, sections and more
* rva2ofs - convert RVA to raw file offsets
* ofs2rva - convert raw file offsets to RVA
The main points are:
- No need for Windows API. We use our own PE library called libpe.
- Tested on Windows, Linux and OS X.
- Support for 32 and 64-bit PE files.
- Written entirely in C, using the C99 standard. So, it's multiplatform.
- Fully scriptable. All pev tools use a CLI and produce output in clear text and CSV (HTML, XML and JSON in development).
http://pev.sourceforge.net/