Re-implementation and packaging of PyPackerDetect
Detect packers on PE files using heuristics and signatures.
A complete refactoring of this project to a Python package with a console script to detect whether an executable is packed.
$ pip install pypackerdetect
$ pypackerdetect --help [...] usage examples: - pypackerdetect program.exe - pypackerdetect program.exe -b - pypackerdetect program.exe --low-imports --unknown-sections - pypackerdetect program.exe --imports-threshold 5 --bad-sections-threshold 5
:bulb: Detection Mechanisms
- PEID signatures
- Known packer section names
- Entrypoint in non-standard section
- Threshhold of non-standard sections reached
- Low number of imports
- Overlapping entrypoint sections
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.