|
libPeConv
A library to load, manipulate, dump PE files.
|
| ▼ libpeconv | |
| ▼ include | |
| ▼ peconv | |
| buffer_util.h | Definitions of the used buffer types. Functions for their allocation and deallocation |
| caves.h | Functions related to finding caves in the loaded PE file |
| delayed_imports_loader.h | Parsing and filling the Delayload Import Table |
| exceptions_parser.h | Functions related to Exceptions Table |
| exported_func.h | A definition of ExportedFunc class - used for storing the details of the exported function. Helper functions related to the export parsing |
| exports_lookup.h | Searching specific functions in PE's Exports Table |
| exports_mapper.h | A definition of ExportsMapper class. Creates a lookup of all the exported functions from the supplied DLLs. Allows to associate an address with a corresponding function |
| file_util.h | Functions related to operations on files. Wrappers for read/write |
| find_base.h | Functions related to finding a base to which the module was relocated |
| fix_imports.h | Functions and classes responsible for fixing Import Table. A definition of ImportedDllCoverage class |
| function_resolver.h | Definitions of basic Imports Resolver classes. They can be used for filling imports when the PE is loaded |
| hooks.h | Functions related to hooking the loaded PE. Reditecting/replacing a functions with another |
| imports_loader.h | Parsing and filling the Import Table |
| imports_uneraser.h | A definition of ImportsUneraser class - for recovery of a partialy erased Import Table |
| load_config_defs.h | Definitions of various versions of Load Config Directory (new fields added with new versions for Windows) |
| load_config_util.h | Fetching Load Config Directory and recognizing its version |
| pe_dumper.h | Dumping PE from the memory buffer into a file |
| pe_hdrs_helper.h | Wrappers over various fields in the PE header. Read, write, parse PE headers |
| pe_loader.h | Loading PE from a file with the help of the custom loader |
| pe_mode_detector.h | Detecting in which mode is the PE in the supplied buffer (i.e. raw, virtual). Analyzes PE features typical for particular modes |
| pe_raw_to_virtual.h | Converting PE from raw to virtual format |
| pe_virtual_to_raw.h | Converting PE from virtual to raw format |
| peb_lookup.h | Functions for retrieving process information from PEB |
| relocate.h | Operating on PE file's relocations table |
| remote_pe_reader.h | Reading from a PE module that is loaded within a remote process |
| resource_parser.h | Parsing PE's resource directory |
| resource_util.h | Functions related to manual retrieving of PE resources |
| tls_parser.h | Functions related to TLS Callbacks |
| unicode.h | |
| util.h | Miscellaneous utility functions |
| peconv.h | Master include file, including everything else |
| ▼ src | |
| buffer_util.cpp | |
| caves.cpp | |
| delayed_imports_loader.cpp | |
| exceptions_parser.cpp | |
| exported_func.cpp | |
| exports_lookup.cpp | |
| exports_mapper.cpp | |
| file_util.cpp | |
| find_base.cpp | |
| fix_dot_net_ep.cpp | |
| fix_dot_net_ep.h | |
| fix_imports.cpp | |
| function_resolver.cpp | |
| hooks.cpp | |
| imports_loader.cpp | |
| imports_uneraser.cpp | |
| load_config_util.cpp | |
| pe_dumper.cpp | |
| pe_hdrs_helper.cpp | |
| pe_loader.cpp | |
| pe_mode_detector.cpp | |
| pe_raw_to_virtual.cpp | |
| pe_virtual_to_raw.cpp | |
| peb_lookup.cpp | |
| relocate.cpp | |
| remote_pe_reader.cpp | |
| resource_parser.cpp | |
| resource_util.cpp | |
| tls_parser.cpp | |
| util.cpp |
1.10.0