2009년 3월 12일 목요일

[Tools] ExplorerSuite

ExplorerSuite  는 프로그램의 구조를 보고 분석 및 수정을 도와주는 툴입니다.
리소스 뷰어, 아이콘, 비트맵, 를 지원하고, 아이콘, 비트맵, Dependency Walker 등의 자료들을 볼 수 있습니다.

자세한 사항은 아래사항을 확인해보세요..
영어가 딸려서..^^

Current Version: III (09/03/2009)

Download the Explorer Suite

Created by Daniel Pistelli, a freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86, x64 and Itanium.
- Explorer Suite (Multi-Platform Version, Recommended)
- Explorer Suite (x86 Version)
- CFF Explorer (x86 Version, stand-alone, Zip Archive)
- CFF Explorer Extensions Repository
The CFF Explorer was designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure. This application includes a series of tools which might help not only reverse engineers but also programmers. It offers a multi-file environment and a switchable interface.

Also, it's the first PE editor with full support for the .NET file format. With this tool you can easily edit metadata's fields and flags. If you're programming something that has to do with .NET metadata, you will need this tool. The resource viewer supports .NET image formats like icons, bitmaps, pngs. You'll be able to analyze .NET files without having to install the .NET framework, this tool has its own functions to access the .NET format.

Useful links:
- How to write a CFF Explorer Extension
- CFF Explorer Scripting Language Documentation (v1)
- CFF Explorer Extensions Repository
Features:

  • Process Viewer
  • Windows Viewer
  • PE and Memory Dumper
  • Full support for PE32/64
  • Special fields description and modification (.NET supported)
  • PE Utilities
  • PE Rebuilder (with Realigner, IT Binder, Reloc Remover, Strong Name Signature Remover, Image Base Changer)
  • View and modification of .NET internal structures
  • Resource Editor (full support for Windows Vista icons)
  • Support in the Resource Editor for .NET resources (dumpable as well)
  • Hex Editor
  • Import Adder
  • PE integrity checks
  • Extension support
  • Visual Studio Extensions Wizard
  • Powerful scripting language
  • Dependency Walker
  • Quick Disassembler (x86, x64, MSIL)
  • Name Unmangler
  • Extension support
  • File Scanner
  • Directory Scanner
  • Deep Scan method
  • Recursive Scan method
  • Multiple results
  • Report generation
  • Signatures Manager
  • Signatures Updater
  • Signatures Collisions Checker
  • Signatures Retriever
라벨: ,

댓글 없음:

댓글 쓰기

피드 구독하기: 댓글 (Atom)