Exescan
ExeScan is the FREE console based tool to detect anomalies in PE (Portable Executable) files. It quickly scans given executable file and detect all kind of anomalies in its PE header fields including checksum verifications, size of various header fields, improper size of raw data, non-ascii/empty section names etc. Various packers/protectors modify PE header to make reversing harder. Sometimes anomalies in PE header may crash Debugging tools thereby blocking your attempt to reversing. Such anomalies can also make some of the GUI based PE analysis tools to fail to parse PE headers. In such cases ExeScan can come handy by helping you to quickly detect such anomalies. Then you can fix them and proceed to further analysis of malware. In addition to finding various anomalies, it can also detect packer/compiler used to pack/build the target executable file. Being console based tool, you can easily integrate it with your malware automation suite.
Install / Use
/learn @cysinfo/ExescanREADME
Required:
1. Python - http://python.org/ >= 2.5 < 3.0
2. PEfile - http://code.google.com/p/pefile/
Related Skills
node-connect
325.9kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
80.3kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
325.9kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
80.3kCommit, push, and open a PR
