首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. 安全工具
    3. 发新帖
[转帖]PeStudio
发表于: 2010-9-4 11:44 5047

[转帖]PeStudio

linhanshi 活跃值
2010-9-4 11:44
5047
PeStudio shows you many security relevant details about any application, like:
all libraries that are used by an application
all functions that are imported by an application
all functions (also anonymous) that are exported by an application
all functions that are forwarded to other libraries
all obsolete functions that are exported and imported by an application
whether the Data Execution Prevention (DEP) Windows security mechanism is used
whether the Address Space Layout Randomization (ASLR) Windows security mechanism is used
whether Structured Exception Handling - SEH Windows security mechanism is used
whether some sections are compressed
whether an application is 64-Bit capable
whether an application contains IL Code
which Execution Level will be requested by an application
and many more details...

http://www.winitor.net/tools/PeStudio.zip

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 1
支持
分享
最新回复 (19)
tmxfh
雪    币: 101
活跃值: (144)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
私信
2
我看不懂英文,我不喜欢老外
2010-9-7 17:12
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
3
PeStudio v3.30
2010-10-14

Changelog

- Corrected duplicated items in Exported functions list
- Put Evidences in XML file
- Show COM Server support in Evidences
- Test COM Server Support

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-15 00:34
0
cache
雪    币: 201
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
4
运行不了。。
2010-10-15 12:59
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
5
PeStudio v3.31
2010-10-16

Changelog

- Resolve crash on Window 64 bit

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-17 01:49
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
6
PeStudio v3.32
2010-10-20

Changelog
- IAT size estimation for Evidences adjusted
- Show Obsolete Imported functions as Evidence
- Show Obsolete Exported functions as Evidence
- Show usage of HTTP functions as Evidence
- Show usage of RAS functions as Evidence
- Show usage of Winsock functions as Evidence
Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-21 10:51
0
cntrump
雪    币: 1708
活跃值: (586)
能力值: ( LV15,RANK:670 )
在线值:
发帖
回帖
粉丝
私信
7
这个程序的界面很大 1024*768 都要被占满。
2010-10-21 11:07
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
8
PeStudio v3.33
2010-10-26

Changelog

- Show unused image file space (Caves) as Evidence

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-27 00:00
0
快雪时晴
雪    币: 370
活跃值: (15)
能力值: ( LV9,RANK:170 )
在线值:
发帖
回帖
粉丝
私信
9
今天正好用到,到官方打不开网页,直接下zip竟然可以,谢谢
2010-10-27 01:15
0
fenggebb
雪    币: 206
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
10
谢谢谢谢谢谢!
2010-10-28 00:15
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
11
PeStudio v3.34
2010-10-27

Changelog

- Corrected problem with upx compressed files
- Show usage of Hooking functions as Evidence

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-28 01:09
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
12
PeStudio v3.35
2010-10-29

Changelog

- Show usage of Debugging functions as Evidence

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-10-30 20:36
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
13
PeStudio v3.36
2010-11-01

Changelog

- Handle invalid Directories
- Handle sectionless files
- Number of imported symbols as Evidence
- Show whether the Section Names are standard as Evidence
Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-1 15:25
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
14
PeStudio v3.37
2010-11-04

Changelog

- Added support for a single Command Line parameter: e.g PeStudio.exe %1 will open the file to analyse
- Make Dos Stub size available
- Make functions addresses available
- Make Preferred Base Address available for Libraries

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-6 10:53
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
15
PeStudio v3.38
2010-11-05

Changelog

- Make Windows Network Functions as Evidence
- PeStudio.exe %1 and PeStudio.exe "%1" are now supported

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-6 10:53
0
cntrump
雪    币: 1708
活跃值: (586)
能力值: ( LV15,RANK:670 )
在线值:
发帖
回帖
粉丝
私信
16
井喷更新期,真蛋疼呀。
2010-11-6 20:52
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
17
更新的速度 的確可以 作者 吵架的

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-6 21:02
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
18
PeStudio v3.40
2010-11-09

Changelog

- Added empty Checksum as Evidence
- Added number of Sections as Evidence
- Added other (Borland) standard sections as known sections
- Added support for a single Command Line parameter: e.g PeStudio.exe %1 will open the file to analyse
- Corrected problem with upx compressed files
- Handle invalid Directories
- Handle sectionless files
- IAT size estimation for Evidences adjusted
- Make Dos Stub size available
- Make functions addresses available
- Make Preferred Base Address available for Libraries
- Make size of DosStub (very small or very big) as Evidence
- Make Windows Network Functions as Evidence
- Number of imported symbols as Evidence
- PeStudio.exe %1 and PeStudio.exe "%1" are now supported
- Resolve crash on Window 64 bit
- Show Obsolete Exported functions as Evidence
- Show Obsolete Imported functions as Evidence
- Show unused image file space (Caves) as Evidence
- Show usage of Debugging functions as Evidence
- Show usage of Hooking functions as Evidence
- Show usage of HTTP functions as Evidence
- Show usage of NetBios functions as Evidence
- Show usage of RAS functions as Evidence
- Show Usage of Service Control Manager (SCM) functions as Evidence
- Show usage of Winsock functions as Evidence
- Show whether the Section Names are standard as Evidence
Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-10 13:57
0
cntrump
雪    币: 1708
活跃值: (586)
能力值: ( LV15,RANK:670 )
在线值:
发帖
回帖
粉丝
私信
19
告别 3.3x了,这个必须得更新。
2010-11-11 11:36
0
linhanshi
雪    币: 97697
活跃值: (200734)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
20
PeStudio v3.41
2010-11-17

Changelog

- Added Custom Resource Types as Evidence
- Added Detection of programmatic loading of libraries as Evidence
- Added Image Bound detection as Evidence
- Added Image Digital Signature test as Evidence
- Added ImageHelp as functions group
- Added Large Address Space awareness as Evidence
- Added OLE as functions group
- Added Resource Section size bigger as Code Section size as Evidence
- Added Setup API as functions group
- Added Structured Storage as functions group
- Added Thread Local Storage (TLS - static) usage as Evidence.
- Addet Thread Local Storage (TLS - dynamic) as functions group

Download

Portable:
http://www.winitor.net/tools/PeStudio.zip

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-11-20 15:31
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回
//