View Issue Details

IDProjectCategoryView StatusLast Update
0003963Kali LinuxNew Tool Requestspublic2020-03-18 18:05
ReporterCapsLock Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionsuspended 
Summary0003963: PPEE - Professional PE Explorer
Description

PPEE (puppy) is a Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail.

Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details. All directories in a PE file including Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.

A companion plugin is also provided to query the file in the well-known malware repositories and take one-click technical information about the file such as its size, entropy, attributes, hashes, version info and so on.

Features:
Both PE32 and PE64 support
Virustotal and OPSWAT's Metadefender query report
Statically analyze windows native and .Net executables
Robust Parsing of exe, dll, sys, scr, drv, cpl, ocx and more
Edit almost every data structure
Easily dump sections, resources and .Net assembly directories
Entropy and MD5 calculation of the sections and resource items
View strings including URL, Registry, Suspicious, ... embedded in files
Extract artifacts remained in PE file
Anomaly detection
Right-click for Copy, Search in web, Whois and dump
Built in hex editor
Explorer context menu integration
Descriptive information for data members
Refresh, Save and Save as menu commands
Drag and drop support
List view columns can sort data in an appropriate way
Open file from command line
Checksum validation
Plugin enabled

Additional Information

Homepage: https://www.mzrst.com/
It's also included in BlackArch Linux(https://blackarch.org/windows.html)

Activities

g0tmi1k

g0tmi1k

2018-01-29 15:20

administrator   ~0008512

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?

Issue History

Date Modified Username Field Change
2017-04-19 12:58 CapsLock New Issue
2018-01-29 15:20 g0tmi1k Note Added: 0008512
2020-03-18 18:05 g0tmi1k Status new => closed
2020-03-18 18:05 g0tmi1k Resolution open => suspended