Filewatcher File Search File Search
Content Search
» » » » »


Portable Executable (PE) parsing module for Python

pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data.

All the basic PE file structures are available with their default names as attributes of the returned instance.

Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names.

pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use.

Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation

Package version:


             pefile - Portable Executable reader module


pefile will allow to access from any Python script all (or most) of the contents
of a given PE file.

The structures defined in the Windows header files will be accessible as the
PE instanc


python-pefile for Debian

You'll probably want to consult the online documentation for usage examples:

Some functions require a signature database, for example:

 -- Robert S. Edmonds <>


python-pefile ( unstable; urgency=low

  * Initial release; closes: #475493.

 -- Robert S. Edmonds <>  Thu, 10 Apr 2008 16:59:47 -0400


Thu Aug  9 01:27:18 CEST 2007
  * Fixed two bugs parsing OffensiveComputing files



This package was debianized by Robert S. Edmonds <> on
Thu, 10 Apr 2008 16:59:47 -

Browse inside python-pefile_1.2.9.1-1_all.deb

         [DIR]DEBIAN/ (5)  65535+ mirrors
         [DIR]usr/ (1)  65535+ mirrors

Download python-pefile_1.2.9.1-1_all.deb

Results 1 - 1 of 1
Help - FTP Sites List - Software Dir.
Search over 15 billion files
© 1997-2017