Various tools useful for offensive operations (reversing, etc) regarding the PE (Portable Executable) format

Oct 23, 2021 1 min read

PE-Tools

This repository contains various tools useful for offensive operations (reversing, etc) regarding the PE (Portable Executable) format

Installs needed: pip3 install pefile

Signature searcher

This tool simply finds all .exe files in the C drive and searches for a keyword in their Authenticode signature. This is useful to find all the files signed by the same company (this proves to be useful for thick app pentesting for example).

For more info about Authenticode check this:

Exported symbols

This tool simply outputs all of the exported functions of the PE files found in a given directory

GitHub

View Github

Tool

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.