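制冷设备 posted on 2022-3-29 11:27

PEstudio V9.3 portable free edition, not Pro

This post was last edited by 制冷设备 on 2022-3-29 11:32

The goal of pestudio is to spot artifacts of executable files in order to ease and accelerate the initial assessment of malware.
The tool is used by Computer Emergency Response Teams (CERT), Security Operations Centers (SOC) and digital forensics labs around the world.
pestudio is simple and convenient to use, and can quickly help users check whether program code contains errors, verify whether a program can run normally, whether a program has security problems, and so on.

Version 9.14 is available in this forum section: https://www.52pojie.cn/forum.php ... &highlight=pestudio

The current version is V9.3; the main updates are as follows: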


Version 9.30
. Handle .NET ascii strings (#Strings) Stream
. Extend detection of embedded files (e.g. MS-Compress)
. Extend indicators
. Fix bugs

Version 9.29
. Simplify indicators
. Handle .NET unicode user-strings (#US) Stream
. Fix bugs

Version 9.28
. Differentiate between n/a and empty Export Table
. Remove duplicates in indicators
. Show file-ratio of .NET Streams size
. Show threshold of .NET Streams size
. Blacklist .NET functions that belong to a blacklist Namespace
. Fix bugs

Version 9.27
. Split Namespaces into system and custom Namespaces
. Fix a bug with the delay-load imports

Version 9.26
. Compile pestudio package to 64bit
. Add .NET Field table
. Fix bugs

Version 9.21 to 9.25
. Better detection of file signature
. Add mapping rich-header to tooling
. Show all time-stamps always and only in UTC
. Add blacklisting of .NET namespace
. Add namespace collection
. Add detection of .NET Module name
. Extend detection of .NET tables
. Handle .NET namespaces
. Fix bugs

Version 9.16 to 9.20
. Extend detection of .NET functions and libraries
. Handle more .NET metadata
. Extend .NET relevant indicators
. Fix an issue with the detection of duplicate exports
. Handle more .NET metadata
. Handle .NET tables
. Fix issue when handling very large amount of exports
. Start handling .NET streams
. Fix bugs

Version 9.11 to 9.15
. Fix a bug when computing the offset of string items
. Add Resource context menu to change the severity of signature
. Add Libraries context menu to toggle blacklist flag
. Fix bugs when modifying indicator's severity level
. Add Resources context menu to toggle language blacklist flag
. Extend File-header detection
. Extend Optional-header detection
. Add File-Header characteristics
. Add Option-Header characteristics
. Add Ordinal name mapping for delay-loaded libraries
. Add details to Certificate
. Extend detection of string hints
. Extend collection of DateTime stamp indicators
. Extend context menus
. Extend Mitre detection
. Extend detection of embedded files
. Extend libraries, imports and export views
. Map strings to imports as hint
. Fix a bug when a library is missing

Screenshots of the software in use:

The feature differences between the free edition and the PRO edition are as follows:



Official download: https://www.winitor.com/tools/pestudio/current/pestudio.zip
Baidu Netdisk: link: https://pan.baidu.com/s/1ogNNyMlewWUeItqKU4sBxA?pwd=9yc8 extraction code: 9yc8

Thanks to @李佑辰 on floor 2 for the mirror:
Lanzou Cloud: https://l13144.lanzoul.com/i16qO028azpg

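李佑辰 posted on 2022-3-29 11:30

Lanzou Cloud: https://l13144.lanzoul.com/i16qO028azpg

kingkongs posted on 2022-3-29 11:42

Thanks for sharing

yqwangjie posted on 2022-3-29 12:08

Thanks for sharing

lf1314 posted on 2022-3-29 12:31

AIRTIM posted on 2022-3-29 12:38

Thanks for sharing, expert

mzhsohu posted on 2022-3-29 12:48

I struggle with English~ Thanks for sharing

zmd1998 posted on 2022-3-29 13:14

Thanks for sharing, thank you OP

CXC303 posted on 2022-3-29 13:17

Thanks for sharing

qq173339443 posted on 2022-3-29 13:45

Thanks for sharing. Could it be localized into Chinese, to make it easier for people who are not good at English?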