QuasarApp/pe-parse
4
0
Fork 0
mirror of https://github.com/QuasarApp/pe-parse.git synced 2025-04-28 21:34:31 +00:00
Code Issues Projects Releases Wiki Activity
pe-parse/python
History
Wesley Shields 1caefedc6a Start to document things.
2013-11-30 23:08:44 -05:00
..
pepy.cpp
Implement relocations.
2013-11-30 22:44:30 -05:00
README.md
Start to document things.
2013-11-30 23:08:44 -05:00
setup.py
Initial commit of pepy (pronounced p-pie).
2013-11-27 15:52:24 -05:00
test.py
Implement relocations.
2013-11-30 22:44:30 -05:00

README.md

pepy

pepy (pronounced p-pie) is a python binding to the pe-parse parser.

Building

If you can build pe-parse and have a working python environment (headers and libraries) you can build pepy.

  1. Build pepy:
  • python setup.py build
  1. Install pepy:
  • python setup.py install

Using

There are a number of objects involved in pepy. The main one is the parsed object. This object is returned by the parse method.

import pepy p = pepy.parse("/path/to/exe")

The parsed object has a number of methods:

  • get_entry_point: Return the entry point address
  • get_bytes: Return the first N bytes at a given address
  • get_sections: Return a list of section objects
  • get_imports: Return a list of import objects.
  • get_exports: Return a list of export objects.
  • get_relocations: Return a list of relocation objects

Authors

pe-parse was designed and implemented by Andrew Ruef (andrew@trailofbits.com) pepy was written by Wesley Shields (wxs@atarininja.org)