Pefile
A Python module for parsing and working with Portable Executable (PE) files, providing access to headers, sections, and embedded data.
What is Pefile?
pefile is a Python module that reads and parses Portable Executable (PE) files, the standard executable format for Windows. It provides programmatic access to PE file headers, sections, embedded resources, and other structural details, enabling deep analysis and modification of executable files. It is widely used in security research, malware analysis, and reverse engineering workflows.
Security researchers, malware analysts, reverse engineers, and developers working on Windows binary analysis or forensic tools who need to inspect or manipulate PE file structures programmatically.
Developers choose pefile because it is a mature, robust, and dependency-free Python library that offers comprehensive access to PE file internals with a straightforward API. Its ability to handle malformed files, detect packers, and support basic modifications makes it a versatile tool for both analysis and lightweight editing tasks.
Overview
pefile is a Python module to read and work with PE (Portable Executable) files
Use Cases
Best For
- Analyzing malware samples for suspicious PE file characteristics
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
