PE File Analysis tool
* Load specific file for analysis
* Show important information about the PE file format
* Disassemble compiled executable in an interactive shell
* Find YARA rules that the file is compatible with
-
Run the tool
python pefa.py
-
Loads the wanted file Press
load
orl
and enter file's full path.
-
Choose your option! You can use the Help menu.
-
info
yara
dis
Allows to reverse-engineer the file start from its entry point, in an interactive disassembler.
Copyright (c) 2022 Barak Aharoni. All Rights Reserved.