谢谢分享的你啊！！！！！！！

WHAT'S NEW?

VERSION 0.1.11.155 (2020-01-30)

WHAT'S NEW?

VERSION 0.1.12.73 (2020-02-13)

PEAnatomist.exe SHA256:5EF85D7B7A34434547086034F43D5266FB18C22735AB57762610CB5437ECA0F7

A context menu integration bug fixed

The behavior of the program when loading a new file with open resource properties window is fixed

Fixed error displaying descriptions of some characters in the Dyn.Value Relocations table

Fixed error parsing ExceptionsData table for ARM Thumb: incorrect information about stored registers in compressed form of UnwindInfo

Natural sorting added for several more lists

Fixed error populating the Catch Handlers list for UnwindInfo.EHData.CPP_EH4

Fixed a bug leading to the slow execution of the "Select All" operation on large lists

Some lists with a large number of elements are switched to virtual mode

Added navigation through the associated UNWIND_INFO elements of the ExceptionData list for x64

Version 0.1.13 (2020-04-25):
[#] Fixed error sorting some lists with a signed-long integers
[#] Fixed error displaying the table ExceptionsData in the presence of incorrect data
[#] Fixed error displaying the name of the section in the RVA description in some cases
[+] Added new description lines for section groups on the POGO page in IMAGE_DEBUG_DIRECTORY
[#]Optimization and refactoring of a significant part of the code
[+] Added new fields to LOAD_CONFIG_DIRECTORY from SDK 19041 - GuardEHContinuations, and undocumented ones - eXtended CFG (xFG)
[+] Added GuardEHContinuations list page
[+] Added new feature flags in the GFID list
[#] Fixed bug with incorrect line ending when copying to clipboard
[#] Fixed error parsing the table of COFF symbols if an incorrect address is specified
[-] The icon of the main program window no longer changes to the icon of the file being processed
[#] Fixed IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT parsing
[+] Added support for OBJ file and LIB file formats
[+] Added support for non-COFF OBJ files
[+] Added parsing a symbol table for OBJ files
[+] Added page for summary information about import library entries in LIB files
[+] Added parsing of table of sections and relocations of OBJ files
[+] The number of file extensions for integration into the Explorer context menu has been increased
[#] Fixed bug with integration into the shell context menu if the file extension was not previously registered in the system

WHAT'S NEW?

VERSION 0.1.15.344 (2020-05-30)

• Fixed the error in determining the minor version of VS 2017-2019 when decoding the Rich signature (regression 0.1.13 and 0.1.14)

• Fixed decoding of RT_STRING resources in the presence of incorrect data
• Added tab with detailed description of PE resource headers
• Resource tab redone to list without grouping by resource type
• Fixed sorting of the list of resources
• The procedure for parsing the resource directory has been changed, new criteria for data correctness have been added
• Fixed processing of the settings file during the first launch of the program
• Corrected the behavior of the COFF character parser in the presence of incorrect info about long symbol names
• Fixed the bug of constructing the context menu for listview in virtual mode
• Fixed saving the selected file type filter in the "Open file" dialog
• Fixed incorrect recognition of UTF16 lines in rare cases
• Added page of detected ANSI and UTF16 lines in PE file
• Added CodeView Debug Info parsing for OBJ files
• Added CodeView Debug Symbols parsing for OBJ files
• Added parsing of CodeView Types for OBJ files
• Added parsing of new CodeView Debug Symbol records up to S_REGREL32_INDIR_ENCTMP inclusive
• Added parsing of new CodeView Type leafs up to and including LF_INTERFACE2
• Added parsing of type information in OBJ files compiled by MSVC with the /GL flag or others in MS ILStore format

_https://rammerlabs.alidml.ru/files/PEAnatomist-0.1.15.zip

Version 0.1.16 (2020-06-26):

[#] Slight optimization

[#] Fixed an error in determining of a register names in the CodeView symbols description in very rare cases

[+] Added the ability to copy entire columns to the clipboard with multiple row selection

[+] Added display settings for the FLC panel and status panel

[#] The error of scaling the size of the statusbar cells is fixed

[+] Splitter controls have been added in most of tabs

[+] Added host resolving for ApiSet libraries in import tables

[+] Added selection of an external DLL for determining the ApiSet host in the program settings

[+] A partial search has been added to the ExceptionsData table (experimental function)

_https://rammerlabs.alidml.ru/files/PEAnatomist-0.1.16.zip

Version 0.1.17.83 (2020-09-10)

PEAnatomist.exe SHA256: BEB515489A0C8DA42DC252F51C1DFCDF886E02A76FB688DFD3F41D3AECF8D9A8

    Added recognition of the target from a MSI shortcut
    Fixed a bug with displaying some dialogs from the resources
    Updated set of CET policy flags and LOAD_CONFIG_DIRECTORY structure from SDK 20201
    Added display of xFG-hash value in the GFID list
    Added descriptions of several section groups on the "POGO" page in IMAGE_DEBUG_DIRECTORY
    Accelerated display of found strings in PE files
    Added an optional restriction to start the only instance of the program
    Added a menu for launching a copy of the program with the currently open file
    Added the ability to open a file from the clipboard
    Fixed loss of a character in line recognition if a long line was split into several
    Added string detection settings: recognition threshold and ignoring of strings without a trailing zero
    Added a dialog for selecting a Section object and opening a mapped file
    Introduced a limitation of one instance of the resource properties dialog per entry
    Optimization and clean up of a part of the code for working with ListView

_https://rammerlabs.alidml.ru/files/PEAnatomist-0.1.17.zip

更新日期：2020年10月22日

版本：0.1.18

下载：https://rammerlabs.alidml.ru/files/PEAnatomist-0.1.18.zip

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Version 0.1.18 (2020-10-21): [#] Fixed error displaying data from ~GUID in .NET metadata tables [+] Added description of flags for entries in .NET metadata tables [#] Fixed bug with positioning child windows on multi-monitor configurations [+] Added creation of a minidump in case of an unhandled exception [#] Updated @feat.00 flag description [#] Changed description text for several IDs in Rich Signature [#] Rewrote a part of the code to enumerate the 'Section' objects [+] Added a column to the ExceptionsData X64 table to display the size of the stack allocation [+] Added a request to start a new copy of the program when the restriction on starting the only instance of the program is enabled and running copy does not respond [#] ExceptionsData X64 chain table format changed to more verbose [#] Fixed error in determining the allocation size for UWOP_ALLOC_LARGE (1) [+] Added a page for xFG hash values for OBJ files [+] Added ExceptionsData x64, ARM64 and ARM for OBJ files [#] Fixed a bug with working with sections in OBJ files in the presence of BSS with a certain set of parameters [#] Fixed a bug with parsing unwind codes for ARM and ARM64 (in PE and OBJ files), which could appear on small files or in presence of a large number of epilogues in a function [#] Cleaning up and slight optimization of the IA64 unwind codes parser [+] Added a description of the section and an offset in it to the COFF symbol, which is referenced by the CodeView symbol in the corresponding forms of debug information [+] Added options to search any value less or greater than the specified [+] Added setting of the initial search position based on: the last found line, the selected line, or forced from the beginning of the list [+] Added full-text search in all columns of the list (minimum query length - 2 characters, search is case insensitive only for ANSI characters) [+] Added the ability to search in any list [#] Fixed a bug with displaying the type name from TypeDef in the .NET metadata token description in rare cases (only the method

Release 0.2.0 (2021-01-04):

Minor optimization and cleaning of list sorting code

Background color of resource properties dialog and hexview changed to standard for the used control

Cleaning headers, unifying declared data types, dividing code into independent modules

Fix display error for the symbols CV_COMPILESYM and CV_COMPILESYM3

Update register names and CodeView symbols from VS 16.8 and 16.9Preview

Add display of the COFF symbol referenced by the CLR token in the COFF symbol table

Add display of CLR token in CodeView symbols

Fix error displaying RT_STRING resource as text in rare cases

Fix error in defining COFF-symbol of exception handler in x64 OBJ-files

The used data types from CoreCLR 5 have been updated

Fix a crash when displaying the contents of the metadata tables of some obfuscated or compressed .NET files

Change .NET metadata streams description - stream RVA is displayed now

Fix matching RVA to offset for some alignment and section parameter combinations in PE files compiled by MinGW

Fix displaying a DelayImport table with incorrect content (regression starting 0.1.8)

Fix matching RVA to offset in case of forced loading of PE without sections

Add .NET Vtable Fixups display

Fix a rare error with displaying the name of some Codeview types in the pivot table (an incorrect name could be displayed if in fact it was of zero length)

Add decoding of MSVC ILStore symbol table (.cil$gl) in OBJ files (x86, x64, ARMThumb, ARM64) for VS16.8

Change the appearance of the main window in the absence of a loaded file

Add description for selected symbol in the MSVC ILStore symbol table

Add correction of indexes in the MSVC ILStore table of types in case of using PCH

Add description of types by their index in all supported MSVC ILStore tables

Add description of MSVC ILStore symbols referenced by selected symbol from table .cil$gl

Add parsing of CHPE configuration header and DynamicDataRelocations table for hybrid x64-over-ARM64 images (arm64x) from InsiderPreview 21277

Add x64 ExceptionsData table for hybrid x64-over-ARM64 images (arm64x)

Add parsing of ARM64 unwind codes for SIMD registers

Fix detection of the ARM64 unwind chain

New view of the settings dialog, division of settings into new categories

Add formatting settings for text copied to the clipboard from program tables

Fix error reading CodeView C13 subsections in some cases (most often it appeared on CodeView created by early versions of tools from VS2002 and VS2003)

Add search settings: remembering the last query and saving the selected starting position of the search

Add search options for text: match only from the beginning of a string, inversion of search results (i.e. search for strings where the desired text is absent)

Fix error displaying the "Parent Offset" parameter in the CodeView symbols S_DEFRANGE_REGISTER_REL and S_DEFRANGE_REGISTER_REL_INDIR

Fix error of reading MSVC ILStore type table when there are nested tables

Add support for decoding MSVC ILStore symbol table for all public versions of VisualStudio (7-16.9Preview2)

Add the ability to select all found lines for text search

Prevent unclosed search dialog from being used after destroying its associated ListView

Configuration file format has been changed to text view

https://rammerlabs.alidml.ru/files/PEAnatomist-0.2.0.zip

PEAnatomist 0.2.5

https://rammerlabs.alidml.ru/changelog-eng.html#v025

PE Anatomist 0.2.6

Current version of the program: 0.2.6

The new version highlights

Fixed a number of errors in the parser of import tables for modified PE

Updated information about new Codeview symbols from VS2022

Clarified interpretation of some build numbers from Rich signature

Expanded dataset for describing CoffGroups in the IMAGE_DEBUG_TYPE_POGO table

Numerous minor fixes

https://rammerlabs.alidml.ru/files/0206-2237-B0D4-283F/PEAnatomist-0.2.6.zip

Current version of the program: 0.2.7
Release date: 2022-01-03

https://rammerlabs.alidml.ru/files/0207-DF6C-C894-D8E6/PEAnatomist-0.2.7.zip

Current version of the program: 0.2.8 Final
Release date: 2022-03-05
https://rammerlabs.alidml.ru/files/0208-43FF-9E17-13A4/PEAnatomist-0.2.8.zip

PEAnatomist 0.2.9 Final 
Release date: 2022-03-15
https://rammerlabs.alidml.ru/files/0209-5453-9807-B718/PEAnatomist-0.2.9.zip

PE Anatomist 0.2.10.17 Final Build Fix 2
https://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/PE-Anatomist.shtml#download

Current version of the program: 0.2.11 Final Fix3
Release date: 2022-05-18

https://rammerlabs.alidml.ru/files/020B-C938-C521-DAC4/PEAnatomist-0.2.11.zip

Current version of the program: 0.2.10712.2124
Release date: 2022-07-12
https://rammerlabs.alidml.ru/files/0000-0002-29CD-0000/PEAnatomist-0.2.zip

Current version of the program: 0.2.11401.0000

Release date: 2023-02-01
File size: 213 KB

https://rammerlabs.alidml.ru/files/0000-0002-29CD-0000/PEAnatomist-0.2.zip