readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones.
Features
- Based on own PE library, called libpe
- Support for PE32 and PE32+ (64-bit) files
- Formatted output in text, CSV, HTML, and XML
- pesec: check security features in PE files, extract certificates, and more
- readpe: parse PE headers, sections, imports and exports
- pescan: detect TLS callback functions, DOS stub modification, suspicious sections and more
- pedis: disassembly a PE file section or function with support for Intel and AT&T syntax
- Include tools to convert RVA from file offset and vice-versa
- pehash: calculate PE file hashes including imphash and ssdeep
- pepack: detect whether an executable is packed or not
- pestr: search for hardcoded Unicode and ASCII strings simultaneously in PE files
- peres: show and extract PE file resources
License
GNU General Public License version 2.0 (GPLv2)Follow readpe
Other Useful Business Software
Gen AI apps are built with MongoDB Atlas
MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
Rate This Project
Login To Rate This Project
User Reviews
-
Just OK.