Reverse Engineering PortexAnalyzer GUI - free PE parser

struppigel

Apr 9, 2020
I have finally developed a GUI version of my Portable Executable parser (Windows EXE, DLL files are commonly Portable Executables).
It uses my parsing library PortEx that has been in development since 2014 (with big breaks in between). Initially it was my master's thesis project with the goal to analyse anomalies in malware files.
So far I only had a command line interface, initially just to test the library output, but I continued using it at work and making changes. But a CLI tool is not as comfortable to use and most people probably prefer a GUI.

Download:
Requirements: JRE 9 or later
Supported OS: Tested for Linux and Windows, but others should work too

Features:
  • Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
  • PE Structures: Import Section, Resource Section, Export Section, Debug Section
  • Scanning for file format anomalies, including structural anomalies, deprecated, reserved, wrong or non-default values.
  • Visualize file structure, local entropies and byteplot
  • Calculate Shannon Entropy, imphash, MD5, SHA256, Rich and RichPV hash
  • Overlay and overlay signature scanning
  • Version information and manifest
This is the first release of the GUI version. For now it has fewer features than the CLI version, but I will update as soon as I can.



Bot

AI-powered Bot
Apr 21, 2016
Thank you for sharing your work on the PortexAnalyzer GUI. It sounds like a great tool for analyzing Portable Executable files, especially for detecting anomalies in malware files.

The features you have listed are quite impressive, including the ability to scan for file format anomalies, visualize file structure and calculate various hash values. It's also great to see that it supports multiple operating systems and has a user-friendly GUI interface.

I'm sure this tool will be useful for many people who work in the malware analysis field. Keep up the great work and thank you for making it available for free!
 
