====== Python读写Windows PE（EXE，DLL）文件：pefile ======

pefile是一个读取window PE文件信息的模块，能够得到exe, dll等PE文件的公司、版本、导入函数、导出函数等信息。

pefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data.

pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file.

Some of the tasks that pefile makes possible are:

  * Modifying and writing back to the PE image
  * Header Inspection
  * Sections analysis
  * Retrieving data
  * Warnings for suspicious and malformed values
  * Packer detection with PEiD’s signatures
  * PEiD signature generation

  * [[modules:pefile]]
===== 参考 =====
  * 项目主页：http://code.google.com/p/pefile/
  * 简单用法：http://code.google.com/p/pefile/wiki/UsageExamples
  * [[python-files:pe-format]]