CTF-All-In-One/doc/9.2_wintools.md

# 9.2 更多 Windows 工具

- [010 Editor](#010-editor)
- [DIE](#die)
- [PEiD](#peid)
- [PE Studio](pe-studio)
- [PEview](#peview)
- [PortEx Analyzer](#portex-analyzer)
- [Resource Hacker](#resource-hacker)
- [wxHexEditor](#wxhexeditor)
- [PDF Stream Dumper](#pdf-stream-dumper)
- [EMET](#emet)

## 010 Editor

<https://www.sweetscape.com/010editor/>

## DIE

<http://ntinfo.biz/>

## PEiD

<http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml>

PEiD 是一个用于检测常用壳，加密，压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名，这些数据存放在 `userdb.txt` 文件中。

## PE Studio

<https://www.winitor.com/>

## PEview

<http://wjradburn.com/software/>

## PortEx Analyzer

<https://github.com/katjahahn/PortEx>

## Resource Hacker

<http://www.angusj.com/resourcehacker/>

## wxHexEditor

<http://www.wxhexeditor.org/>

## PDF Stream Dumper

<http://sandsprite.com/blogs/index.php?uid=7&pid=57>

## EMET

<https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit>
-												add chapter 8 academic

											
										
										
											2018-03-19 11:33:57 +07:00
+								# 9.2 更多 Windows 工具
-												update

											
										
										
											2017-07-17 21:02:41 +07:00
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
+								- [010 Editor](#010-editor)
 								- [DIE](#die)
 								- [PEiD](#peid)
 								- [PE Studio](pe-studio)
-												update

											
										
										
											2017-07-17 22:20:12 +07:00
+								- [PEview](#peview)
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
+								- [PortEx Analyzer](#portex-analyzer)
 								- [Resource Hacker](#resource-hacker)
-												update CONTRIBUTION.md

											
										
										
											2017-08-03 15:03:59 +07:00
+								- [wxHexEditor](#wxhexeditor)
-												add 7.1.8

											
										
										
											2018-05-18 15:23:54 +07:00
+								- [PDF Stream Dumper](#pdf-stream-dumper)
-												add 7.1.9

											
										
										
											2018-05-19 20:22:04 +07:00
+								- [EMET](#emet)
-												update CONTRIBUTION.md

											
										
										
											2017-08-03 15:03:59 +07:00
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
+								## 010 Editor
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<https://www.sweetscape.com/010editor/>
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
 								## DIE
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://ntinfo.biz/>
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
 								## PEiD
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml>
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
 								PEiD 是一个用于检测常用壳，加密，压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名，这些数据存放在 `userdb.txt` 文件中。
 								## PE Studio
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<https://www.winitor.com/>
-												update

											
										
										
											2017-07-17 21:02:41 +07:00
-												update

											
										
										
											2017-07-24 21:24:34 +07:00
+								## PEview
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://wjradburn.com/software/>
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
 								## PortEx Analyzer
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<https://github.com/katjahahn/PortEx>
-												update

											
										
										
											2017-08-03 16:12:31 +07:00
 								## Resource Hacker
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://www.angusj.com/resourcehacker/>
-												change license

											
										
										
											2017-08-03 15:23:42 +07:00
 								## wxHexEditor
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://www.wxhexeditor.org/>
-												add 7.1.8

											
										
										
											2018-05-18 15:23:54 +07:00
 								## PDF Stream Dumper
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<http://sandsprite.com/blogs/index.php?uid=7&pid=57>
-												add 7.1.9

											
										
										
											2018-05-19 20:22:04 +07:00
 								## EMET
-												use markdownlint

											
										
										
											2018-08-05 16:43:10 +07:00
 								<https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit>