Monday, December 25, 2023

PE format

    Top tools

  1. Training 3: Basics About the PE Format and .NET
  2. You already know how to find that out. Use the "file" command, TrID, or look at the sample with a hex editor. All of these ways should tell you what kind of file we have here.

  3. app-peid
  4. PE iDentifier v0.95 (2008.11.03) by snaker, Qwerton, Jibz & xineohP
    PEiD detects most common packers, cryptors and compilers for PE files. It can currently detect more than 600 different signatures in PE files.

  5. ExeInfo: PE
  6. Packer, compressor detector / unpack info / internal exe tools Detect : Symbian / Android / Linux / Mac OS - files PUP / PUA Applications & Downloaders Archives : .zip , .rar , .zlb , .gz , .7 zip , .tar , .cab .is , ...

  7. A.S.L Soft
  8. Free Windows software. Detect packer, compiler, protector, .NET obfuscator, PUA application

  9. PEiD
  10. PEiD detects most common packers, cryptors and compilers for PE files. It can currently detect more than 470 different signatures in PE files. It seems that the official website (www.peid.info) has been discontinued. Hence, the tool is no longer available from the official website, but it is still hosted on other sites.

  11. PE Format Illustrated – Part 1
  12. Beginners tutorial on PE format, with illustrations. Planned to be an easy-to-follow overview tutorial with a lot of illustrations, without going into all the details. We tried to focus on the big picture.

  13. PE Format Illustrated – Part 2
  14. This is a beginner’s tutorial on PE format applied to .NET assemblies. We tried to give light illustrated text. We tried to focus on the big picture.

  15. A Number of Reusable PE File Format Scanning Functions
  16. Useful functions to retrieve information from PE files.

    This article accompanies a number of command line sample applications that wrap some common code of mine. This common code can be used to extract various information from PE format files (PE format stands for Portable Executable Format). The four samples are named bitness, pefileuses, dotnetsearch and pdbget.

  17. Pepper
  18. PE (x86) and PE+ (x64) files viewer, based on libpe.

  19. Anatomy of a .NET Assembly – PE Headers
  20. Today, I’ll be starting a look at what exactly is inside a .NET assembly – how the metadata and IL is stored, how Windows knows how to load it, and what all those bytes are actually doing. First of all, we need to understand the PE file format.

  21. .NET File Format - Signatures Under the Hood, Part 1 of 2
  22. A full description of signatures, that are part of the .NET file format

  23. .NET File Format - Signatures Under the Hood, Part 2 of 2
  24. A full description of signatures, that are part of the .NET file format

  25. PE file format part1 - DOS Headers, Signature, File Header
  26. PE file format part2 - Optional Header

  28. The .NET File Format
  29. The standards of the .NET format are public, you can find them on Microsoft and in your .NET SDK (look after "Partition II Metadata.doc"), but they are intended to be more like a reference, not really a guide. So, the truth is that a description of the format can be useful. I mean there's a huge difference between having the WinNT.h and having the full explanation of structures and stuff. The documentation given by Microsoft has some explanations, but a lot of passages aren't very clear at all. Of course, it's required that you know quite well the PE File Format. If that's not the case, you should start with that first, otherwise you won't be able to make heads or tails of this article. A little warning: I'm not going to explain how to use the libraries given by Microsoft to access the .NET Format, I'm going to explain the format itself. This article is based on the Framework 2.0.

  30. Explorer Suite
  31. Small announcement: If you or your organization needs professional PE inspection, then take a look at Cerbero Suite (the commercial product of my company), which properly supports many file formats beyond the complete Portable Executable specification. It’s multi-platform (Windows, OS X & Linux) and it comes as a free trial.

  32. The .NET File Format
  33. A full description of the .NET File format.
