CTF-All-In-One/doc/9.2_wintools.md

46 lines
1.1 KiB
Markdown
Raw Normal View History

2018-03-19 11:33:57 +07:00
# 9.2 更多 Windows 工具
2017-07-17 21:02:41 +07:00
2017-08-03 16:12:31 +07:00
- [010 Editor](#010-editor)
- [DIE](#die)
- [PEiD](#peid)
- [PE Studio](pe-studio)
2017-07-17 22:20:12 +07:00
- [PEview](#peview)
2017-08-03 16:12:31 +07:00
- [PortEx Analyzer](#portex-analyzer)
- [Resource Hacker](#resource-hacker)
2017-08-03 15:03:59 +07:00
- [wxHexEditor](#wxhexeditor)
2018-05-18 15:23:54 +07:00
- [PDF Stream Dumper](#pdf-stream-dumper)
2018-05-19 20:22:04 +07:00
- [EMET](#emet)
2017-08-03 15:03:59 +07:00
2017-12-07 08:30:58 +07:00
2017-08-03 16:12:31 +07:00
## 010 Editor
https://www.sweetscape.com/010editor/
## DIE
http://ntinfo.biz/
## PEiD
http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml
PEiD 是一个用于检测常用壳加密压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名,这些数据存放在 `userdb.txt` 文件中。
## PE Studio
https://www.winitor.com/
2017-07-17 21:02:41 +07:00
2017-07-24 21:24:34 +07:00
## PEview
2017-08-03 16:12:31 +07:00
http://wjradburn.com/software/
## PortEx Analyzer
https://github.com/katjahahn/PortEx
## Resource Hacker
http://www.angusj.com/resourcehacker/
2017-08-03 15:23:42 +07:00
## wxHexEditor
2017-08-03 16:12:31 +07:00
http://www.wxhexeditor.org/
2018-05-18 15:23:54 +07:00
## PDF Stream Dumper
http://sandsprite.com/blogs/index.php?uid=7&pid=57
2018-05-19 20:22:04 +07:00
## EMET
https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit