CTF-All-In-One/doc/9.2_wintools.md

55 lines
1.2 KiB
Markdown
Raw Normal View History

2018-03-19 11:33:57 +07:00
# 9.2 更多 Windows 工具
2017-07-17 21:02:41 +07:00
2017-08-03 16:12:31 +07:00
- [010 Editor](#010-editor)
- [DIE](#die)
- [PEiD](#peid)
- [PE Studio](pe-studio)
2017-07-17 22:20:12 +07:00
- [PEview](#peview)
2017-08-03 16:12:31 +07:00
- [PortEx Analyzer](#portex-analyzer)
- [Resource Hacker](#resource-hacker)
2017-08-03 15:03:59 +07:00
- [wxHexEditor](#wxhexeditor)
2018-05-18 15:23:54 +07:00
- [PDF Stream Dumper](#pdf-stream-dumper)
2018-05-19 20:22:04 +07:00
- [EMET](#emet)
2017-08-03 15:03:59 +07:00
2017-08-03 16:12:31 +07:00
## 010 Editor
2018-08-05 16:43:10 +07:00
<https://www.sweetscape.com/010editor/>
2017-08-03 16:12:31 +07:00
## DIE
2018-08-05 16:43:10 +07:00
<http://ntinfo.biz/>
2017-08-03 16:12:31 +07:00
## PEiD
2018-08-05 16:43:10 +07:00
<http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml>
2017-08-03 16:12:31 +07:00
PEiD 是一个用于检测常用壳加密压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名,这些数据存放在 `userdb.txt` 文件中。
## PE Studio
2018-08-05 16:43:10 +07:00
<https://www.winitor.com/>
2017-07-17 21:02:41 +07:00
2017-07-24 21:24:34 +07:00
## PEview
2018-08-05 16:43:10 +07:00
<http://wjradburn.com/software/>
2017-08-03 16:12:31 +07:00
## PortEx Analyzer
2018-08-05 16:43:10 +07:00
<https://github.com/katjahahn/PortEx>
2017-08-03 16:12:31 +07:00
## Resource Hacker
2018-08-05 16:43:10 +07:00
<http://www.angusj.com/resourcehacker/>
2017-08-03 15:23:42 +07:00
## wxHexEditor
2018-08-05 16:43:10 +07:00
<http://www.wxhexeditor.org/>
2018-05-18 15:23:54 +07:00
## PDF Stream Dumper
2018-08-05 16:43:10 +07:00
<http://sandsprite.com/blogs/index.php?uid=7&pid=57>
2018-05-19 20:22:04 +07:00
## EMET
2018-08-05 16:43:10 +07:00
<https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit>