Python implementation of the Packed Executable iDentifier (PEiD)
Project description
Packed Executable iDentifier
Detect packers on PE files using signatures.
This tool is an implementation in Python of the Packed Executable iDentifier (PEiD) in the scope of packing detection for Windows PE files based on signatures. It uses the userdb.txt
database from this repository.
It relies on pefile
for abstracting PE files and reading signatures databases.
$ pip install peid
The main tool checks the input executable against the embedded or user-defined signatures database.
$ peid --help
[...]
$ peid program.exe
[...]
$ peid program.exe --db custom_sigs_db.txt
The second tool allows to create and integrate new signatures.
$ peidsig *.exe --db path/to/userdb.txt --packer UPX --version v3.97 --author jsmith
:clap: Supporters
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
peid-1.2.4.tar.gz
(247.7 kB
view hashes)