PEframe is an open source tool for performing static analysis on Portable Executable malware and generic suspicious files. It can help malware researchers detect packers, XOR, digital signatures, mutexes, anti-debug and anti-virtual-machine techniques, suspicious sections and functions, and much more information about suspicious files.
Requirements:
- Python 2.7.x
Installation:
- To install from PyPI:
# pip install https://github.com/guelfoweb/peframe/archive/master.zip
- To install from source:
$ git clone https://github.com/guelfoweb/peframe.git
$ cd peframe
# python setup.py install
Note: In a Windows environment, you need to follow the instructions here:
- https://github.com/ahupp/python-magic#dependencies
Usage:
$ peframe <filename>            Short output analysis
$ peframe --json <filename>     Full output analysis JSON format
$ peframe --strings <filename>  Strings output
This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the original post: here