From 65ebaea880b1470718f609e1946f950e7fff0d81 Mon Sep 17 00:00:00 2001 From: bitform Date: Sun, 22 Jul 2012 15:16:22 -0400 Subject: Added Get-PEHeader. PETools is now a module. Get-PEHeader is a 32 and 64-bit in-memory and on-disk PE parsing utility. PETools is now a PowerShell module that can be loaded with `Import-Module PETools` --- README | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) (limited to 'README') diff --git a/README b/README index 4942259..3680e63 100644 --- a/README +++ b/README @@ -27,10 +27,22 @@ Invoke-ReverseDnsLookup: Invoke-ReverseDnsLookup scans an IP address range for DNS PTR records. This script is useful for performing DNS reconnaissance prior to conducting an authorized penetration test. ---------- -.\PE_Tools +.\PETools ---------- -An assortment of scripts used to parse/manipulate Windows portable executables +A PowerShell module used to parse/manipulate Windows portable executables + +Get-PEHeader: + + Get-PEHeader is an in-memory and on-disk PE parsing utility. + +Get-PEArchitecture: + + Get-PEArchitecture returns the architecture for which an executable was compiled. + +Get-DllLoadPath: + + Get-DllLoadPath returns the path from which Windows will load a Dll for the given executable. ---------- .\RE_Tools @@ -38,6 +50,10 @@ An assortment of scripts used to parse/manipulate Windows portable executables Tools to aid in reverse engineering +Get-ILDisassembly: + + disassembles a raw MSIL byte array passed in from a MethodInfo object in a manner similar to that of Ildasm. + ------- License ------- -- cgit v1.2.3