# 9.2 更多 Windows 工具 - [010 Editor](#010-editor) - [DIE](#die) - [PEiD](#peid) - [PE Studio](pe-studio) - [PEview](#peview) - [PortEx Analyzer](#portex-analyzer) - [Resource Hacker](#resource-hacker) - [wxHexEditor](#wxhexeditor) - [PDF Stream Dumper](#pdf-stream-dumper) - [EMET](#emet) ## 010 Editor https://www.sweetscape.com/010editor/ ## DIE http://ntinfo.biz/ ## PEiD http://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml PEiD 是一个用于检测常用壳,加密,压缩的小程序。恶意软件编写者通常会进行加壳和混淆让恶意软件不容易被检测和分析。PEiD 可以检查超过 600 种不同的 PE 文件签名,这些数据存放在 `userdb.txt` 文件中。 ## PE Studio https://www.winitor.com/ ## PEview http://wjradburn.com/software/ ## PortEx Analyzer https://github.com/katjahahn/PortEx ## Resource Hacker http://www.angusj.com/resourcehacker/ ## wxHexEditor http://www.wxhexeditor.org/ ## PDF Stream Dumper http://sandsprite.com/blogs/index.php?uid=7&pid=57 ## EMET https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit