Skip to content
/ PE-Inspector Public

The PE-Inspector can be used to gather information about any PE-File in Windows. It works with both 32bit and 64bit files.

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bytew0lf/PE-Inspector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
PE-Inspector
PE-Inspector
 
 
PECOFF
PECOFF
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
PE-Inspector.sln
PE-Inspector.sln
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 

Repository files navigation

PE-Inspector

Extracts information from a PECOFF file.

Just execute the PE-Inspector like this:

PE-Inspector.exe output.csv <Path to inspect>

Additional functionality

The PECOFF Library has also the ability to get all imports and exports of the PE-file as well as the certificate.

Contents of the output file

The CSV-Output currently contains the following values for each analyzed file.

  • Filename
  • Extension
  • Path
  • Product Version
  • File Version
  • IsDotNetFile
  • IsObfuscated
  • Obfuscationpercentage
  • SHA256 HASH
  • HasCertificate
  • Comments
  • CompanyName
  • FileDescription
  • InternalName
  • IsDebug
  • IsPatched
  • IsPreRelease
  • IsPrivateBuild
  • IsSpecialBuild
  • Language
  • Copyright
  • Trademarks
  • OriginalFilename
  • PrivateBuild
  • ProductName
  • SpecialBuild

About

The PE-Inspector can be used to gather information about any PE-File in Windows. It works with both 32bit and 64bit files.

Topics

forensics fileformat pecoff-parser pecoff

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 2

Testrelease Latest
Jan 8, 2024
+ 1 release

Packages

No packages published

Languages