- Apr 9, 2020
I have finally developed a GUI version of my Portable Executable parser (Windows EXE, DLL files are commonly Portable Executables).
It uses my parsing library PortEx, which has been in development since 2014 (with big breaks in between). Initially it was my master's thesis project with the goal to analyse anomalies in malware files.
So far I only had a command line interface, initially just to test the library output, but I continued using it at work and making changes. But a CLI tool is not as comfortable to use and most people probably prefer a GUI.
Download: Releases · struppigel/PortexAnalyzerGUI (github.com)
Requirements: JRE 9 or later
Supported OS: Tested for Linux and Windows, but others should work too
Features:
- Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
- PE Structures: Import Section, Resource Section, Export Section, Debug Section
- Scanning for file format anomalies, including structural anomalies, deprecated, reserved, wrong or non-default values.
- Visualize file structure, local entropies and byteplot
- Calculate Shannon Entropy, imphash, MD5, SHA256, Rich and RichPV hash
- Overlay and overlay signature scanning
- Version information and manifest