Submit portable freeware that you find here. It helps if you include information like description, extraction instruction, Unicode support, whether it writes to the registry, and so on.
PPEE (puppy) is a Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more details.
Puppy is free and tries to be small, fast, nimble and friendly as your puppy!
Features
Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details. All directories in a PE file including Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.
Both PE32 and PE64 support
Parsing exe, dll, sys, scr, drv, cpl, ocx and more
Entropy and MD5 calculation of the sections and resource items
View strings embedded in files
Built in hex editor
Edit most of the data directory structures
Descriptive information for data members
Refresh, Save and Save as menu commands
List view columns can sort data in an appropriate way
Plugin enabled
There are lots of tools out there for statically analyzing malicious binaries, but they are ordinary tools for ordinary files. Puppy is a lightweight yet strong tool for static investigation of suspicious files. A companion plugin is also provided to take one-click technical information about the file such as its size, entropy, attributes, hashes, version info and so on.
- Virustotal and OPSWAT's Metadefender query report is added to the plugin (Without submitting the file)
- Suspicious strings treeview item added (Customizable via Suspicious.txt file)
- Timedate stamp now shown in UTC standard, with days passed
- Statusbar shows basic PE info
- Minor bug fixes
smaragdus wrote:When I try to open PPEE web-site I got a warning that This Connection is Untrusted.
Looks like their TLS certificate expired this Sunday:
mzrst.com verwendet ein ungültiges Sicherheitszertifikat.
Das Zertifikat ist am Sonntag, 9. Oktober 2016 01:59 abgelaufen. Die aktuelle Zeit ist Sonntag, 9. Oktober 2016 22:56.
They will need to buy a new certificate for their domain. Or switch to a free service like "Let's Encrypt", which will constantly renew your certificate...