PE-bear v0.3.7 (x86 & x64 & Linux)
PE-bearWhat it is?PE-bear is a new reversing tool for PE files. It is coded and designed basically by me (hasherezade), however I welcome every suggestion or feature proposal. For now it is a freeware, but you can expect open source in the future.Objective: to deliver fast and flexible “first view” tool for malware analysts. Stable and capable to handle malformed PE files.DownloadThe latest version is 0.3.7 (beta), released: 23.03.2014
Please send me your remarks and help making PE-bear a top quality product! :)
/*Thanks for all the feature requests. I could not find time to implement them all for this release, but it doesn’t mean I’ve forgotten.They will be included as soon as possible. */
LICENSE
Changelog & more info
http://hshrzd.files.wordpress.com/2013/06/windows-icon.png?w=640Available here: [PE-bear 0.3.7 32bit] [PE-bear 0.3.7 64bit] (exe only: x86,x64) , *requires: Microsoft Visual C++ 2010 Redistributable Package, available here: [Redist 32bit] [Redist 64bit
http://hshrzd.files.wordpress.com/2013/06/linux-icon.png?w=48&h=48PE-bear for Linux (for now only binary): PE-bear32,PE-bear64,(requires: libqt4-core, libqt4-gui, libqt4-network), screenshot
Signatures (updated 22.01.2014):
http://hasherezade.net/PE-bear/download/SIG.txt(Included PEid’s UserDB– converted by the script provided by crashish)
Tutorial (under construction)
http://hasherezade.net/PE-bear/tutorial/
Features and details
[*]handles PE32 and PE64
[*]views multiple files in parallel
[*]recognizes known packers (by signatures)
[*]fast disassembler – starting from any chosen RVA/File offset
[*]visualization of sections layout
[*]selective comparing of two chosen PE files
[*]adding new elements (sections, imports)
[*]and more…
Currently project is under rapid development. You can expect frequent updates. Any suggestions/bug reports are welcome. I am waiting for your e-mails and comments.Special thanks goes to:
Sfires, for hosting and supporting the project on early stage of development.
Ange Albertini – for valuable advices and excellent set of corner-case samples
Screenshotshttp://hasherezade.net/PE-bear/pics/0_3_0.png
http://hasherezade.net/PE-bear/pics/0_3_0_multi.pnghttp://hasherezade.net/PE-bear/pics/0_3_0_sections.png
http://hasherezade.net/PE-bear/pics/0_3_0_compare.png
Download :
x86
http://filecloud.io/rgc3ul7p
x64
http://filecloud.io/1gvs4xfl
Linux
http://filecloud.io/mn5yw8rg
下载不了噢!vpn才行 我还以为是跨平台的 能打开页面,但还是下载不了 蛋疼的网盘啊
百度分流下
Linux
链接: http://pan.baidu.com/s/1o6p1qgM 密码: al82
X64
链接: http://pan.baidu.com/s/1i3Lz6Nr 密码: nmzh
X86
链接: http://pan.baidu.com/s/1mgzEGxa 密码: dxfi
功能强大,不过不怎么用得上
页:
[1]