Pyew is a command-line Python tool for analysing malware. It supports hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), and the PE and ELF file formats (it performs code analysis and lets you write scripts using an API to perform many types of analysis). It follows direct call/jmp instructions in the interactive command line and displays function names and string data references. It also supports the OLE2 format, the PDF format and more, and plugins can add further features to the tool.

Pyew has been used successfully in big malware analysis systems for almost 4 years, processing thousands of files daily.

See some usage examples, example batch scripts or a tool to compare and group programs (PE and ELF) using the API provided by Pyew.

NOTE: It's highly recommended to always use the Mercurial version (and the branch 3.X) instead of the versions available in the Downloads section.

ChangeLog:

Version 3.X (In development)

Version 2.2 Stable (12-30-2012)

Version 2.1 Beta (11-27-2011)

Version 2.0

Version 1.1.1

Pyew is very similar in some aspects to the following tools: