Skip to main content

Python implementation of the Packed Executable iDentifier (PEiD)

Project description

Packed Executable iDentifier Tweet

Detect packers on PE files using signatures.

PyPi Build Status Python Versions Requirements Status Known Vulnerabilities DOI License

This tool is an implementation in Python of the Packed Executable iDentifier (PEiD) in the scope of packing detection for Windows PE files based on signatures. It uses a combination of more than 5.500 signatures merged from the following sources:

It relies on pefile for abstracting PE files and reading signatures databases.

$ pip install peid

The main tool checks the input executable against the embedded or user-defined signatures database.

$ peid --help
[...]

$ peid program.exe
[...]

$ peid program.exe --db custom_sigs_db.txt

The second tool allows to create and integrate new signatures.

$ peidsig *.exe --db path/to/userdb.txt --packer UPX --version v3.97 --author jsmith

:star: Related Projects

You may also like these:

:clap: Supporters

Stargazers repo roster for @dhondta/peid

Forkers repo roster for @dhondta/peid

Back to top

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

peid-1.2.6.tar.gz (249.3 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page