软件包:readpe(0.84-1 以及其他的)
command-line tools to manipulate Windows PE files
readpe is a toolkit designed to analyze Microsoft Windows PE (Portable Executable) binary files. Its tools can parse and compare PE32/PE32+ executable files (EXE, DLL, OCX, etc), and analyze them in search of suspicious characteristics.
It can be used to get information from those executable files, such as headers, sections, resources and more. It also provides tools to disassemble PE files and determine their security mitigations. It is useful for application security research, digital forensics and incident response, and malware analysis.
It is similar to elftools, only designed for PE files. It has more features than other more specific PE tools, such as icoextract or ntldd.
This package provides the ofs2rva, pedis, pehash, peldd, pepack, peres, pescan, pesec, pestr, readpe and rva2ofs commands.
其他与 readpe 有关的软件包
|
|
|
|
-
- dep: libc6 (>= 2.38)
- GNU C 语言运行库:共享库
同时作为一个虚包由这些包填实: libc6-udeb
-
- dep: libpe1t64 (>= 0.84)
- library to read Windows PE files
-
- dep: libssl3t64 (>= 3.0.0)
- 安全套接字层工具箱 - 共享库