Skip to content

Latest commit

 

History

History
60 lines (43 loc) · 3.94 KB

README.md

File metadata and controls

60 lines (43 loc) · 3.94 KB

PyPackerDetect Tweet

Detect packers on PE files using heuristics and signatures.

PyPi Python Versions Build Status DOI License

A complete refactoring of this project to a Python package with a console script to detect whether an executable is packed.

pefile is used for PE parsing. peid is used as implementation of PEiD.

$ pip install pypackerdetect
$ pypackerdetect --help
[...]
usage examples:
- pypackerdetect program.exe
- pypackerdetect program.exe -b
- pypackerdetect program.exe --low-imports --unknown-sections
- pypackerdetect program.exe --imports-threshold 5 --bad-sections-threshold 5

💡 Detection Mechanisms

  • PEID signatures
  • Known packer section names
  • Entrypoint in non-standard section
  • Threshhold of non-standard sections reached
  • Low number of imports
  • Overlapping entrypoint sections

⭐ Related Projects

You may also like these:

👏 Supporters

Stargazers repo roster for @packing-box/PyPackerDetect

Forkers repo roster for @packing-box/PyPackerDetect

Back to top