pev

pev is a toolkit that include tools for parsing PE files from the command-line and provide a formatted output (JSON, XML, CSV, etc) or basically human-readable text. It includes the following tools:

• pedis 16, 32 and 64-bit disassembler with interesting capabilities like "disassemble function at X" or "disassemble just the entrypoint".

• pehash Calculates cryptographic hashes for the whole file and its headers individually. It supports MD5, SHA-1, SHA-256, ssdeep and imphash.

• peldd Check dependencies of a given PE file. It's like "ldd" command but for PE files.

• pepack Indentifies common packers used to compress/protect PE files.

• peres See and extract PE file resources.

• pescan Scan PE for malformed parts indicating they may be suspicious.

• pesec Check security features used by compilers (for i.e. stack canary, ASLR, etc).

• pestr Show both ASCII and Unicode strings contained in a PE file and tell what section they belong to, if applicable.

• readpe The most used tool. Parses all PE headers. It's equivalent to dumpbin, objdump, etc.

And more.