-
-
[转帖]Scylla x64/x86 Imports Reconstruction 0.7 Beta 7 by Aguila
-
发表于: 2012-10-2 14:37
-
Scylla x64/x86 Imports Reconstruction 0.7 Beta 7
From:EXETOOLS
Changelog
Scylla_v0.7beta7.rar
From:EXETOOLS
http://forum.exetools.com/showpost.php?p=80829&postcount=29
Changelog
- fixed bug in the dump engine: more details here http://forum.tuts4you.com/topic/30060-bug-when-fixing-dump/
- added "suspend process option", look in options dialog: more details here http://waleedassar.blogspot.com/2012/09/anti-dumping-part-3.html
Scylla_v0.7beta7.rar
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
thank,thank,,,
|
|
|
If you try to FIX DUMP an executable with the IMAGE_NT_HEADERS structure
overlapping the IMAGE_DOS_HEADER i.e. the e_lfanew field has a value less than or equal to 0x38 (and of course, greater than or equal to 0x2), the resulting executable is rejected by the windows PE loader. Scylla_v0.7beta8.rar 
|
|
|
Scylla x64/x86 Imports Reconstruction by Aguila
ImpREC, CHimpREC, Imports Fixer... this are all great tools to rebuild an import table, but they all have some major disadvantages, so I decided to create my own tool for this job. Basically, it's ImpRec on speed If you miss a feature or want to report a bug, head on over to the support forum on Tuts4You. 
|
