In case you missed it earlier this month, BlackBerry released PE Tree, a tool they use for reverse engineering malware. It is open source and written in Python.
BlackBerry used the popular PyQt5 GUI toolkit to write the tool, which displays a tree view of portable executables and makes it easier to dump and reconstruct malware that is in memory.
The PE Tree tool works on Windows, Mac and Linux. It can run as a standalone application or as a plugin for IDAPython, which itself is a plugin for a disassembler.
This sounds like a really neat tool. If nothing else, it will be a good application to use for learning how to create a real-world GUI with Python.
Copyright © 2024 Mouse Vs Python | Powered by Pythonlibrary