pev is a toolkit that include tools for parsing PE files from the command-line and provide a formatted output (JSON, XML, CSV, etc) or basically human-readable text. It includes the following tools:
-
pedis
16, 32 and 64-bit disassembler with interesting capabilities like "disassemble function at X" or "disassemble just the entrypoint".
-
pehash
Calculates cryptographic hashes for the whole file and its headers individually. It supports MD5, SHA-1, SHA-256, ssdeep and imphash.
-
peldd
Check dependencies of a given PE file. It's like "ldd" command but for PE files.
-
pepack
Indentifies common packers used to compress/protect PE files.
-
peres
See and extract PE file resources.
-
pescan
Scan PE for malformed parts indicating they may be suspicious.
-
pesec
Check security features used by compilers (for i.e. stack canary, ASLR, etc).
-
pestr
Show both ASCII and Unicode strings contained in a PE file and tell what section they belong to, if applicable.
-
readpe
The most used tool. Parses all PE headers. It's equivalent to dumpbin, objdump, etc.
And more.