PPEE (puppy) 1.10 - Professional PE file Explorer - ausführbare Dateien genauer untersuchen

Alles, was nicht in die anderen Kategorien passt. Bitte genau überlegen!

Moderatoren: |Gordon|, Jean, Moderatoren

Beiträge: 12700
Registriert: 06.01.02, 18:46

PPEE (puppy) 1.10 - Professional PE file Explorer - ausführbare Dateien genauer untersuchen

Beitrag von Gordon » 14.02.18, 17:28

PPEE (puppy)

Version: 1.10
HP: https://www.mzrst.com/#top
Größe: 500 kb
Lizenz: Freeware
Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details. All directories in a PE file including Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.
Both PE32 and PE64 support
Examine YARA rules against opened file
Virustotal and OPSWAT's Metadefender query report
Statically analyze windows native and .Net executables
Robust Parsing of exe, dll, sys, scr, drv, cpl, ocx and more
Edit almost every data structure
Easily dump sections, resources and .Net assembly directories
Entropy and MD5 calculation of the sections and resource items
View strings including URL, Registry, Suspicious, ... embedded in files
Detect common resource types
Extract artifacts remained in PE file
Anomaly detection
Right-click for Copy, Search in web, Whois and dump
Built in hex editor
Explorer context menu integration
Descriptive information for data members
Refresh, Save and Save as menu commands
Drag and drop support
List view columns can sort data in an appropriate way
Open file from command line
Checksum validation
Plugin enabled
PPEE mit dem schönen Schibboleth Puppy ist ein kleines portables Tool, um ausführbare Dateien genauer untersuchen und potentiell verdächtige Aktivitäten herauszufinden. Mit dem eingebauten Hexeditor kann man auch herumbasteln, sollte aber wissen was man tut.
FCK Klimawandel