forensictools icon indicating copy to clipboard operation
forensictools copied to clipboard

Published 20 hours ago verified publisher icon cristianzsh

PPEE (puppy)

Open R00ke opened this issue 1 year ago • 1 comments

PPEE (puppy) is a Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail. Some of the features include:

  • Very fast malware static analysis tool
  • Both PE32 and PE64 support
  • Examine Yara rules against opened file
  • Virustotal and OPSWAT's Metadefender query report
  • Statically analyze windows native and .Net executables
  • Parse Rich Header
  • Parse Safe SEH, Control Flow Guard Functions, Enclave Configuration and Volatile information in load config directory
  • Edit almost every PE data structure
  • Entropy, SSDEEP, TLSH, CRC32, ImpHash, MD5, SHA1, SHA256 and Authentihash calculation of the files
  • View strings including URL, Registry, Suspicious, ... embedded in files

Website: https://mzrst.com/

R00ke avatar Dec 29 '23 20:12 R00ke

Hi, @R00ke. I will take a look at this tool, although I think the combination of DiE and pestudio on the current version already does a good job. Thanks!

cristianzsh avatar Dec 30 '23 18:12 cristianzsh