Changelog for this version:
pev 0.70 - December 26, 2013
! Missing full/English documentation.
! Missing valid XML and HTML output formats.
! pestr: no support for --net option when parsing unicode strings.
! pestr: unable to handle too big strings.
* libpe: rewritten, now using mmap. (Jardel Weyrich).
* pestr: added countries domains suffixes.
* readpe and peres: output enhancements (Jardel Weyrich).
+ pehash: sections and headers hash calculation (Jardel Weyrich).
+ pehash: ssdeep fuzzy hash calculation.
+ pehash: support for new digest hashes like sha512, ripemd160 and more.
+ peres: added new tool to analyze/extract PE resources (Marcelo Fleury).
+ pescan: cpl malware detection.
+ pescan: undocumented anti-disassembly fpu trick detection.
+ pesec: show and extract cerfiticates from digitally signed binaries (Jardel Weyrich).
- readpe can't show functions exported by ID only.
- readpe: fixed subsystem types (Dmitry Mostovenko).
pev is a PE file analysis toolkit that includes some nice programs to work with
PE files in many systems. It can be useful for programmers, security analysts
and forensic investigators. It's licensed under GPLv3+ terms.
