/PEInsight

PEInsight is a fast and efficient command-line tool for parsing Windows Portable Executable (PE) files, written in C.

Primary LanguageC

PEInsight

PEInsight is a tool designed to parse and inspect the structure of Portable Executable (PE) files, written in C. The Portable Executable format is the file format for executables, object code, DLLs, and others used in 32-bit and 64-bit versions of Windows operating systems. PEInsight provides a detailed breakdown of the internal structure of PE files

Features

PEInsight currently parses and extracts information from the following structures in PE files:

  • DOS Header (DOS_HEADER)

  • DOS Stub (DOS_STUB)

  • NT Headers (NT_HEADERS)

  • Section Headers (SECTION_HEADERS)

  • Sections Data Dumping (SECTIONS_DATA_DUMPING)

  • Import Descriptors

To-do

  • Entropy Calculation for Sections

Usage

    gcc main.c -o parser -lm