Windows Executable Packer Detection
This script uses various methods to detect known executable file packers. The script first parses the structure of the PE data, then uses known characteristics of this structure to identify the packers.
This script was developed for use in EnCase training. For more details, please click the following link:
Download Now
Version:
1.1.2
Tested with:
EnCase Forensic 7.03
EnCase Forensic 7.03
Developer: James Habben
Category: Utility
2990
Downloads
201
Downloads in last 6 months