PE-bear
Portable Executable reversing tool with a friendly GUI
PE-bear is a multiplatform reversing tool for inspecting Windows Portable Executable files. It is designed to give malware analysts and reverse engineers a fast first view of a PE file’s structure. The tool can handle malformed PE files, which is important when analyzing packed, damaged, or intentionally manipulated binaries. It provides a graphical interface for exploring headers, sections, imports, resources, strings, and other PE internals. PE-bear also includes analysis conveniences such as hashes, signatures, and searchable string views. ...