Data Directory

0001-01-01 pe

The Data Directory is a structure contained within the Optional Header of a PE file. This is defined in the IMAGE_DATA_DIRECTORY structure: typedef ... Read More

DOS Header

0001-01-01 pe

The DOS Header is the first header within a PE file. This header is prefixed with “MZ” (0x4d 0x5a) The structure of the DOS header is ... Read More

DOS Stub

0001-01-01 pe

The DOS stub resides between the DOS Header (MZ header) and the NT Header. It typically prints a messages that states “This program cannot be ... Read More

Dynamic Link Library

0001-01-01 pe windows

A dynamic-link library (DLL) is a shared library in the Microsoft Windows operating system. This is similar to Shared Object (.so files) on *nix ... Read More

Export Directory

0001-01-01 pe

A PE file’s export directory contains information about the functions and variables exported from the executable. This is commonly used in DLL ... Read More

File Header

0001-01-01 pe

The file headers (IMAGE_FILE_HEADER) contains information about a PE file’s sections, characteristics, and additional information. typedef ... Read More

Import Address Table

0001-01-01 pe

The Import Address Table is a data structure within a PE file that contains information about the addresses of functions imported from other PE files. ... Read More

NT Header

0001-01-01 pe

The NT header (IMAGE_NT_HEADERS) is a structure within PE files which contains the FileHeader and OptionalHeader headers. This header can be ... Read More

Optional Header

0001-01-01 pe

The Optional Header (IMAGE_OPTIONAL_HEADER) is found within PE files and contains metadata required for the operating system to handle and load the ... Read More

PE Sections

0001-01-01 pe

Portable Executable Sections contain the code and data of an executable. Sections may contain code, variables, or resource information. Programs may ... Read More