Provided by: pev_0.81-7_amd64 
NAME
pedis - disassemble PE sections and functions
SYNOPSIS
pedis [OPTIONS]... pefile
DESCRIPTION
pedis is a PE disassembler relyng on udis86 library. It can disassembly entire sections,
functions or any file position you want. It's part of pev, the PE file analysis toolkit.
pefile is a PE32/PE32+ executable or dynamic linked library file.
OPTIONS
--att Set AT&T assembly syntax (default: Intel).
-e, --entrypoint
Disassemble the entire entrypoint function.
-f, --format <text|csv|xml|html>
Change output format (default: text).
-m, --mode <16|32|64>
Disassembly mode (default: auto).
-i <number>
Number of instructions to disassemble.
-n <number>
Number of bytes to disassemble.
-o, --offset <offset>
Disassemble at specified offset, either in decimal or hexadecimal format (prefixed
with 0x).
-r, --rva <rva>
Disassemble at specified RVA, either in decimal or hexadecimal format (prefixed
with 0x).
-s, --section <name>
Disassemble en entire section given.
-V, --version
Show version.
--help Show this help.
EXAMPLES
Disassemble RVA 0x4c4df from putty.exe:
$ pedis -r 0x4c4df putty.exe
Disassembly the entrypoint of a 64-bit PE32+ wordpad.exe:
$ pedis -m 64 --entrypoint putty.exe
Disassembly in 16-bits mode, starting from offset 0x40, 32 bytes of code from game.exe:
$ pedis -m 16 -o 0x40 -n 32 game.exe
REPORTING BUGS
Please, check the latest development code and report at
https://github.com/merces/pev/issues
SEE ALSO
ofs2rva(1), pehash(1), peldd(1), pepack(1), peres(1), pescan(1), pesec(1), pestr(1),
readpe(1), rva2ofs(1)
COPYRIGHT
Copyright (C) 2012 - 2020 pev authors. License GPLv2+: GNU GPL version 2 or later
<https://www.gnu.org/licenses/gpl-2.0.txt>. This is free software: you are free to change
and redistribute it. There is NO WARRANTY, to the extent permitted by law.
PEDIS(1)