PE Import Hash Generator
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
.gitignore Initial Commit of first Beta Feb 9, 2014
README.txt Initial Commit of first Beta Feb 9, 2014
goodimps.db Initial Commit of first Beta Feb 9, 2014 0.7.0 Jul 17, 2017


# IMPHash Generator
# by Florian Roth
# February 2014

This tool generates "PE import hashes" for all executables it finds in the given
directory and marks every import hash as unusable that can also be found in the

The goodware hash database contains hash values from:
- Windows 7 64bit system folder
- Cygwin 32 bit
- Office 2012
- Python 2.7

Typical use cases:

Scan a directory and generate the PE import hashes for all executables in this 

    python -p X:\MAL\Virus1

Generate a goodware hash database from my Windows directory:

    python --createdb -r -p C:\Windows

Update the goodware hash database with PE import hashes generated from 
executables from the programs folder.

    python --updatedb -r -p "C:\Program Files"