PEV - The PE file analysis toolkit is a multiplatform PE analysis toolkit that includes tools to retrieve and parsing information about Windows PE files. It can be useful for programmers, security analysts, and forensic investigators.
What is new in this release:
Legend: + Added feature * Improved/changed feature - Bug fixed ! Known issue / missing feature pev 0.70 - December 26, 2013 ! Missing full/English documentation. ! Missing valid XML and HTML output formats. ! pestr: no support for --net option when parsing unicode strings. ! pestr: unable to handle too big strings. * libpe: rewritten, now using mmap. (Jardel Weyrich). * pestr: added countries domains suffixes. * readpe and peres: output enhancements (Jardel Weyrich). + pehash: sections and headers hash calculation (Jardel Weyrich). + pehash: ssdeep fuzzy hash calculation. + pehash: support for new digest hashes like sha512, ripemd160 and more. + peres: added new tool to analyze/extract PE resources (Marcelo Fleury). + pescan: cpl malware detection. + pescan: undocumented anti-disassembly fpu trick detection. + pesec: show and extract cerfiticates from digitally signed binaries (Jardel Weyrich). - readpe can't show functions exported by ID only. - readpe: fixed subsystem types (Dmitry Mostovenko).
Comments not found