FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

LinkBack Thread Tools
Old 04-11-2008, 05:21 AM
Robert Edmonds
Default Bug#475493: ITP: python-pefile -- Portable Executable (PE) parsing module for Python

Package: wnpp
Owner: "Robert S. Edmonds" <edmonds@debian.org>
Severity: wishlist

* Package name : python-pefile
Version :
Upstream Author : Ero Carrera <ero@dkbza.org>
* URL : http://code.google.com/p/pefile/
* License : BSD
Programming Lang: Python
Description : Portable Executable (PE) parsing module for Python

pefile is a Python module to read and work with Portable Executable (PE)
files. Most of the information in the PE header is accessible, as well as all
the sections, section information and data.
All the basic PE file structures are available with their default names as
attributes of the returned instance.
Processed elements such as the import table are made available with lowercase
names, to differentiate them from the upper case basic structure names.
pefile has been tested against the limits of valid PE headers; that is,
Windows malware. Lots of packed malware attempt to abuse the format beyond its
standard use.
Some of the tasks that pefile makes possible are:
* Modifying and writing back to the PE image
* Header inspection
* Section analysis
* Retrieving data
* Warnings for suspicious and malformed values
* Packer detection with PEiD signatures
* PEiD signature generation

Robert Edmonds

Thread Tools

All times are GMT. The time now is 02:17 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org