Kev
Posted March 25, 2023

Graphical interface for PortEx, a Portable Executable and Malware Analysis Library

Features

- Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
- PE Structures: Import Section, Resource Section, Export Section, Debug Section
- Scanning for file format anomalies
- Visualize file structure, local entropies and byteplot, and save it as PNG
- Calculate Shannon Entropy, Imphash, MD5, SHA256, Rich and RichPV hash
- Overlay and overlay signature scanning
- Version information and manifest
- Icon extraction and saving as PNG
- Customized signature scanning via Yara
- Internal signature scans using PEiD signatures and an internal filetype scanner

Supported OS and JRE

I test this program on Linux and Windows. But it should work on any OS with JRE version 9 or higher.

Future

I will be including more and more features that PortEx already provides. These features include, among others:

- customized visualization
- extraction and conversion of icons to .ICO files
- dumping of sections, overlay, resources
- export reports to txt, json, csv

Some of these features are already provided by the PortexAnalyzer CLI version, which you can find here: PortexAnalyzer CLI

Download: PortexAnalyzerGUI-main.zip

or

git clone https://github.com/struppigel/PortexAnalyzerGUI.git