Qiew - Hex/File format viewer
Portable Executable (PE) file viewer
Designed to be useful for reverse engineering malware.
- highlights strings/calls/mz-pe very useful in malware analysis.
- PE info, able to jump to sections, entry point, overlay, etc.
- disassembler + referenced strings, API calls
- "highlight all" for current text selection.
This program is licensed under GPLv2.
Binaries available for Windows AMD64, built with cx_Freeze
Installation from sources
If you have a C compiler run
pip install -r requirements.txt
pip install yapsy pefile pyperclip pyaes ply pyelftools androguard PyQt5
and manually install Capstone.
If you develop in a virtualenv on Windows, you need to copy the python3.dll to your virtual env, as only python36.dll is copied automatically.