
What is pev

A little command-line tool for PE (Windows executable) analysis, tested on Linux, Windows and OSX systems. It is written in C following the ANSI standard, so it can be compiled on many other systems. pev is free and open source software, under the GPLv3 license.


Motivation

On Windows systems, we have the Windows API to support PE information retrieval, but out of the box we don't have anything. pev implements the PE/COFF specification to understand PE file headers, fields and values, and can show this information to the user without using the Windows API. Thus, we can run pev and perform PE analysis on other systems, like Linux or UNIX.
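To illustrate what reading PE headers without the Windows API involves, the following added example (not pev's own code) walks from the DOS header to the COFF header using only byte offsets from the PE/COFF specification. The names `pe_info`, `pe_parse` and `sample_build` are hypothetical, and the sample image is constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not pev's API. */
struct pe_info { uint16_t machine, sections, opt_magic; };

/* Little-endian reads that work on any host byte order. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Returns 0 on success, a negative code on malformed or truncated input. */
int pe_parse(const uint8_t *buf, size_t len, struct pe_info *out)
{
    if (len < 0x40 || rd16(buf) != 0x5A4D) return -1;  /* DOS header, "MZ" */
    uint32_t off = rd32(buf + 0x3C);             /* e_lfanew: offset of "PE\0\0" */
    if (off > len || len - off < 24) return -2;  /* signature (4) + COFF header (20) */
    if (rd32(buf + off) != 0x00004550) return -3;      /* "PE\0\0" */
    out->machine  = rd16(buf + off + 4);         /* COFF Machine */
    out->sections = rd16(buf + off + 6);         /* COFF NumberOfSections */
    uint16_t opt_size = rd16(buf + off + 20);    /* COFF SizeOfOptionalHeader */
    /* Optional header magic: 0x10B = PE32, 0x20B = PE32+; 0 if absent or cut off. */
    out->opt_magic = (opt_size >= 2 && len - off >= 26) ? rd16(buf + off + 24) : 0;
    return 0;
}

/* Constructed sample: 0x80 bytes of headers only, not a real executable. */
size_t sample_build(uint8_t *buf, size_t cap)
{
    if (cap < 0x80) return 0;
    memset(buf, 0, 0x80);
    buf[0] = 'M'; buf[1] = 'Z';
    buf[0x3C] = 0x40;                            /* e_lfanew = 0x40 */
    memcpy(buf + 0x40, "PE\0\0", 4);
    buf[0x44] = 0x64; buf[0x45] = 0x86;          /* Machine 0x8664 (x64) */
    buf[0x46] = 3;                               /* three sections */
    buf[0x54] = 0xF0;                            /* SizeOfOptionalHeader */
    buf[0x58] = 0x0B; buf[0x59] = 0x02;          /* Magic 0x20B (PE32+) */
    return 0x80;
}

int main(void)
{
    uint8_t img[0x80];
    struct pe_info pi;
    if (pe_parse(img, sample_build(img, sizeof img), &pi) != 0) return 1;
    printf("machine=0x%04X sections=%u magic=0x%03X\n", pi.machine, pi.sections, pi.opt_magic);
    return 0;
}
```

The bounds checks on `e_lfanew` matter when the input is a suspicious file: the offset is attacker-controlled and must be validated against the file length before any header field is read.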


Using

pev can be used by programmers, sysadmins or security analysts to analyze suspicious Windows EXE/DLL files, generate signatures for malware, control executable versions, study PE internals, reverse files and more.




© 2011 - Coding 40° - pev the PE file analyzer
thanks to @barros_filipe for website development!