9.2 更多 Windows 工具
010 Editor
https://www.sweetscape.com/010editor/
DIE
PEiD
http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml
PEiD 是一个用于检测常用壳,加密,压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名,这些数据存放在 userdb.txt 文件中。
PE Studio
PEview
http://wjradburn.com/software/
PortEx Analyzer
https://github.com/katjahahn/PortEx
Resource Hacker
http://www.angusj.com/resourcehacker/
wxHexEditor
PDF Stream Dumper
http://sandsprite.com/blogs/index.php?uid=7&pid=57
EMET
https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit
Last updated
Was this helpful?