728x90
[Homepage]
http://www.cgsoftlabs.ro/studpe.html
2.4.0.1 - 02 apr 2008
-fixed a bug with imported functions name lenght;
-added external signature verifier; writed a note about signatures;
-fixed RVA2RAW for UPACK which has EP inside PE HEADER; now imports are shown fine;
-added basic disassembler from hexeditor right click menu;
-fixed showing which export is in fact a forwarder to other dll; like HeapAlloc in kernel.dll;
-added process memory dumper/viewer; right click on the process you want to inspect; you can
use dissasambler (from right click menu inside the hexeditor) to see how the code looks at
certain VA; the difference from other (dumpers LordPE, ProcDump, PETools) is that it can dump/view code blocks protected with PAGE_GUARD or NOACCESS flags.
2.2.0.5 - 19 mar 2006
-Open Folder option in Procs list;
-fixed dos header word array - 10x TQN;
-fixed showing wrong signature searching time on PEs with EP 0 - 10x marciano;
-removed a validity check..some packed with asprot files didn't show any res dir;
-it now shows the forwarder exports;
-TLS table editor/viewer;
-new option in hexeditor :select up to 4 bytes the from menu -> GoToRAW GoToRVA GoToVA;
-option to view what is the virtual address of slected byte in hexeditor;
-"Mark Sel"ection inside hexeditor;
-"History" of recent Blocks of data viewed inside hexeditor;
-it will see imports like upack imports (names inside header);
http://www.cgsoftlabs.ro/studpe.html
2.4.0.1 - 02 apr 2008
-fixed a bug with imported functions name lenght;
-added external signature verifier; writed a note about signatures;
-fixed RVA2RAW for UPACK which has EP inside PE HEADER; now imports are shown fine;
-added basic disassembler from hexeditor right click menu;
-fixed showing which export is in fact a forwarder to other dll; like HeapAlloc in kernel.dll;
-added process memory dumper/viewer; right click on the process you want to inspect; you can
use dissasambler (from right click menu inside the hexeditor) to see how the code looks at
certain VA; the difference from other (dumpers LordPE, ProcDump, PETools) is that it can dump/view code blocks protected with PAGE_GUARD or NOACCESS flags.
2.2.0.5 - 19 mar 2006
-Open Folder option in Procs list;
-fixed dos header word array - 10x TQN;
-fixed showing wrong signature searching time on PEs with EP 0 - 10x marciano;
-removed a validity check..some packed with asprot files didn't show any res dir;
-it now shows the forwarder exports;
-TLS table editor/viewer;
-new option in hexeditor :select up to 4 bytes the from menu -> GoToRAW GoToRVA GoToVA;
-option to view what is the virtual address of slected byte in hexeditor;
-"Mark Sel"ection inside hexeditor;
-"History" of recent Blocks of data viewed inside hexeditor;
-it will see imports like upack imports (names inside header);
invalid-file728x90
'Rev. Engineering > Tools' 카테고리의 다른 글
| All Armadillo tools (0) | 2008.04.07 |
|---|---|
| JumpGen v0.4b (2) | 2008.04.01 |
| [PE Editor] PE Tools v1.5.800.2006 RC7 (0) | 2008.03.31 |
| API Guide v3.7 (0) | 2008.03.31 |
| [실행압축확인] PEiD v0.94 (0) | 2008.03.29 |