[1.0.0] Verify signatures and print signatures informations && Fix: multiples bugs to resolve functions names

Author: mauricelambert

PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ProgramExecutableAnalyzer
-Version: 0.0.11
+Version: 1.0.0
 Summary: This script analyzes MZ-PE (MS-DOS) executable.
 Home-page: https://github.com/mauricelambert/ProgramExecutableAnalyzer
 Author: Maurice Lambert
@@ -35,15 +35,24 @@ This script analyzes MZ-PE (MS-DOS) executable file.
 
 This tool is useful for malware analysis or debug/understand compiled dependencies.
 
- 1. Analyze DLLs and imported functions name
- 2. Analyze exported functions name
- 3. Get executable filename at the compiled time
- 4. Get encodings and languages used for compilation
- 5. Get timestamps saved in executable
- 6. Get architecture, system version, resources (Version file, Manifest)
- 7. Get company name, product name, product version, copyright
- 8. Sections names, sizes, addresses and characteristics
- 9. When *matplotlib* and *EntropyAnalysis* are installed, generate charts for entropy analysis (with sections)
+ 1. Verify signature and print informations about signature and trust
+ 2. Analyze DLLs and imported functions name
+ 3. Analyze exported functions name
+ 4. Get executable filename at the compiled time
+ 6. Get encodings and languages used for compilation
+ 7. Print informations about rich headers
+ 8. Get timestamps saved in executable
+ 9. Print informations about sections and characteristics (permissions, ect...)
+ 10. Print the entry point position and section
+ 11. Get architecture, system version, resources (Version file, Manifest)
+ 12. Get company name, product name, product version, copyright
+ 13. Sections names, sizes, addresses and characteristics
+ 14. Analyze MS-DOS and NT headers
+ 15. When *matplotlib* is installed, generate charts to compare sections on the disk and in the memory
+ 16. When *matplotlib* and *EntropyAnalysis* are installed, generate charts for entropy analysis (with sections)
+ 17. Extract overlay
+
+TODO: analyze results to detect language and score the risk.
 
 ## Requirements
 
@@ -55,7 +64,7 @@ This tool is useful for malware analysis or debug/understand compiled dependenci
  - matplotlib
  - EntropyAnalysis
 
->> *Matplotlib* and *EntropyAnalysis* are not installed by *ProgramExecutableAnalyzer* because this package can be installed on server without GUI.
+> *Matplotlib* and *EntropyAnalysis* are not installed by *ProgramExecutableAnalyzer* because this package can be installed on server without GUI.
 >> You can install optinal required packages with the following command: `python3 -m pip install matplotlib EntropyAnalysis`
 
 ## Installation
@@ -78,10 +87,14 @@ python3 ProgramExecutableAnalyzer.py -v executable.exe  # Verbose mode
 ![PE Headers Analysis](https://mauricelambert.github.io/info/python/security/PEheaders.png "PE Headers Analysis")
 ![PE Headers Analysis](https://mauricelambert.github.io/info/python/security/PEversion.png "PE Version Analysis")
 ![PE Imports Analysis](https://mauricelambert.github.io/info/python/security/PEimports.png "PE Imports Analysis")
+![PE Signature Informations](https://mauricelambert.github.io/info/python/security/Signature.png "PE Signature Informations")
+![PE Entropy Analysis](https://mauricelambert.github.io/info/python/security/PEEntropyAnalysis.png "PE Entropy Analysis")
+![PE Compare Section Size Charts](https://mauricelambert.github.io/info/python/security/CompareSectionsSizes.png "PE Compare Section Size Charts")
 
 ## Links
 
  - [Github Page](https://github.com/mauricelambert/ProgramExecutableAnalyzer/)
+ - [Pypi package](https://pypi.org/project/ProgramExecutableAnalyzer/)
  - [Python Executable](https://mauricelambert.github.io/info/python/security/ProgramExecutableAnalyzer.pyz)
  - [Windows Executable](https://mauricelambert.github.io/info/python/security/ProgramExecutableAnalyzer.exe)
 

ProgramExecutableAnalyzer.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ProgramExecutableAnalyzer
-Version: 0.0.11
+Version: 1.0.0
 Summary: This script analyzes MZ-PE (MS-DOS) executable.
 Home-page: https://github.com/mauricelambert/ProgramExecutableAnalyzer
 Author: Maurice Lambert
@@ -35,15 +35,24 @@ This script analyzes MZ-PE (MS-DOS) executable file.
 
 This tool is useful for malware analysis or debug/understand compiled dependencies.
 
- 1. Analyze DLLs and imported functions name
- 2. Analyze exported functions name
- 3. Get executable filename at the compiled time
- 4. Get encodings and languages used for compilation
- 5. Get timestamps saved in executable
- 6. Get architecture, system version, resources (Version file, Manifest)
- 7. Get company name, product name, product version, copyright
- 8. Sections names, sizes, addresses and characteristics
- 9. When *matplotlib* and *EntropyAnalysis* are installed, generate charts for entropy analysis (with sections)
+ 1. Verify signature and print informations about signature and trust
+ 2. Analyze DLLs and imported functions name
+ 3. Analyze exported functions name
+ 4. Get executable filename at the compiled time
+ 6. Get encodings and languages used for compilation
+ 7. Print informations about rich headers
+ 8. Get timestamps saved in executable
+ 9. Print informations about sections and characteristics (permissions, ect...)
+ 10. Print the entry point position and section
+ 11. Get architecture, system version, resources (Version file, Manifest)
+ 12. Get company name, product name, product version, copyright
+ 13. Sections names, sizes, addresses and characteristics
+ 14. Analyze MS-DOS and NT headers
+ 15. When *matplotlib* is installed, generate charts to compare sections on the disk and in the memory
+ 16. When *matplotlib* and *EntropyAnalysis* are installed, generate charts for entropy analysis (with sections)
+ 17. Extract overlay
+
+TODO: analyze results to detect language and score the risk.
 
 ## Requirements
 
@@ -55,7 +64,7 @@ This tool is useful for malware analysis or debug/understand compiled dependenci
  - matplotlib
  - EntropyAnalysis
 
->> *Matplotlib* and *EntropyAnalysis* are not installed by *ProgramExecutableAnalyzer* because this package can be installed on server without GUI.
+> *Matplotlib* and *EntropyAnalysis* are not installed by *ProgramExecutableAnalyzer* because this package can be installed on server without GUI.
 >> You can install optinal required packages with the following command: `python3 -m pip install matplotlib EntropyAnalysis`
 
 ## Installation
@@ -78,10 +87,14 @@ python3 ProgramExecutableAnalyzer.py -v executable.exe  # Verbose mode
 ![PE Headers Analysis](https://mauricelambert.github.io/info/python/security/PEheaders.png "PE Headers Analysis")
 ![PE Headers Analysis](https://mauricelambert.github.io/info/python/security/PEversion.png "PE Version Analysis")
 ![PE Imports Analysis](https://mauricelambert.github.io/info/python/security/PEimports.png "PE Imports Analysis")
+![PE Signature Informations](https://mauricelambert.github.io/info/python/security/Signature.png "PE Signature Informations")
+![PE Entropy Analysis](https://mauricelambert.github.io/info/python/security/PEEntropyAnalysis.png "PE Entropy Analysis")
+![PE Compare Section Size Charts](https://mauricelambert.github.io/info/python/security/CompareSectionsSizes.png "PE Compare Section Size Charts")
 
 ## Links
 
  - [Github Page](https://github.com/mauricelambert/ProgramExecutableAnalyzer/)
+ - [Pypi package](https://pypi.org/project/ProgramExecutableAnalyzer/)
  - [Python Executable](https://mauricelambert.github.io/info/python/security/ProgramExecutableAnalyzer.pyz)
  - [Windows Executable](https://mauricelambert.github.io/info/python/security/ProgramExecutableAnalyzer.exe)