Skip to main content

Re-implementation and packaging of PyPackerDetect

Project description

PyPackerDetect Tweet

Detect packers on PE files using heuristics and signatures.

PyPi Build Status Python Versions Requirements Status Known Vulnerabilities DOI License

A complete refactoring of this project to a Python package with a console script to detect whether an executable is packed.

pefile is used for PE parsing. peid is used as implementation of PEiD.

$ pip install pypackerdetect
$ pypackerdetect --help
usage examples:
- pypackerdetect program.exe
- pypackerdetect program.exe -b
- pypackerdetect program.exe --low-imports --unknown-sections
- pypackerdetect program.exe --imports-threshold 5 --bad-sections-threshold 5

:bulb: Detection Mechanisms

  • PEID signatures
  • Known packer section names
  • Entrypoint in non-standard section
  • Threshhold of non-standard sections reached
  • Low number of imports
  • Overlapping entrypoint sections

:clap: Supporters

Stargazers repo roster for @dhondta/PyPackerDetect

Forkers repo roster for @dhondta/PyPackerDetect

Back to top

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pypackerdetect-1.0.6.tar.gz (293.3 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page