Skip to content

Latest commit

 

History

History
28 lines (16 loc) · 843 Bytes

README.md

File metadata and controls

28 lines (16 loc) · 843 Bytes

PEInsight

PEInsight is a tool designed to parse and inspect the structure of Portable Executable (PE) files, written in C. The Portable Executable format is the file format for executables, object code, DLLs, and others used in 32-bit and 64-bit versions of Windows operating systems. PEInsight provides a detailed breakdown of the internal structure of PE files

Features

PEInsight currently parses and extracts information from the following structures in PE files:

  • DOS Header (DOS_HEADER)

  • DOS Stub (DOS_STUB)

  • NT Headers (NT_HEADERS)

  • Section Headers (SECTION_HEADERS)

  • Sections Data Dumping (SECTIONS_DATA_DUMPING)

  • Import Descriptors

To-do

  • Entropy Calculation for Sections

Usage

    gcc main.c -o parser -lm