diff options
| author | bitform <matt@exploit-monday.com> | 2012-07-22 15:16:22 -0400 |
|---|---|---|
| committer | bitform <matt@exploit-monday.com> | 2012-07-22 15:16:22 -0400 |
| commit | 65ebaea880b1470718f609e1946f950e7fff0d81 (patch) | |
| tree | a47abcb754d066808e410277920ca82d4dfce1ac /README | |
| parent | 72c00d7422ea2df4fe397db099d67c6945d48724 (diff) | |
| download | PowerSploit-65ebaea880b1470718f609e1946f950e7fff0d81.tar.gz PowerSploit-65ebaea880b1470718f609e1946f950e7fff0d81.zip | |
Added Get-PEHeader. PETools is now a module.
Get-PEHeader is a 32 and 64-bit in-memory and on-disk PE parsing
utility.
PETools is now a PowerShell module that can be loaded with
`Import-Module PETools`
Diffstat (limited to 'README')
| -rw-r--r-- | README | 20 |
1 files changed, 18 insertions, 2 deletions
@@ -27,10 +27,22 @@ Invoke-ReverseDnsLookup: Invoke-ReverseDnsLookup scans an IP address range for DNS PTR records. This script is useful for performing DNS reconnaissance prior to conducting an authorized penetration test.
----------
-.\PE_Tools
+.\PETools
----------
-An assortment of scripts used to parse/manipulate Windows portable executables
+A PowerShell module used to parse/manipulate Windows portable executables
+
+Get-PEHeader:
+
+ Get-PEHeader is an in-memory and on-disk PE parsing utility.
+
+Get-PEArchitecture:
+
+ Get-PEArchitecture returns the architecture for which an executable was compiled.
+
+Get-DllLoadPath:
+
+ Get-DllLoadPath returns the path from which Windows will load a Dll for the given executable.
----------
.\RE_Tools
@@ -38,6 +50,10 @@ An assortment of scripts used to parse/manipulate Windows portable executables Tools to aid in reverse engineering
+Get-ILDisassembly:
+
+ disassembles a raw MSIL byte array passed in from a MethodInfo object in a manner similar to that of Ildasm.
+
-------
License
-------
|