Tools for Static Analysis of Windows Executables

Tutorials Hits: 2849

TotalVirus
- http://www.totalvirus.com
- This web site allows you to upload a file for scanning using multiple antivirus engines.

MD5 & SHA1
- http://www.microsoft.com
- The Microsoft File Checksum Integrity Verifier tool is an unsupported command line utility
  that computes MD5 or SHA1 cryptographic hashes for files.

Strings
- http://www.microsoft.com
- This command line utility scans a file for UNICODE or ASCII strings of a default length (3 characters or more).

Ultimate Packer for Executables
- https://upx.github.io
- Free, open-source packer for executables supporting multiple formats and operating systems.

PEiD
- https://www.aldeid.com/wiki/PEiD
- This utility detects packer, cryptors, compilers for PE executables.

PEBrowsePro
- http://www.smidgeonsoft.prohosting.com/pebrowse-pro-file-viewer.html
- This utility is PE executable viewer/disassembler.

PEView
- http://wjradburn.com/software/
- This utility allows you to examine the structure and components of a PE (Portable Executable) and COFF (Component Object File Format) files.

ResourceHacker
- http://www.angusj.com/resourcehacker/
- This utility examines the resource section of PE files.

DependencyWalker
- http://www.dependencywalker.com/
- This utility scans any 32-bit or 64-bit Windows module (exe, dll, ocx, sys, etc.) and builds a hierarchical tree diagram of all dependent modules. Useful in uncovering dynamically-linked libraries in an executable.