Program Database
2024-08-05 pe windows
Program Database (PDB) is a file format on Windows systems used to store debugging information about a program.
PDB files commonly have a .pdb file ...
Read More
Data Directory
0001-01-01 pe
The Data Directory is a structure contained within the Optional Header of a PE file. This is defined in the IMAGE_DATA_DIRECTORY structure:
Read Moretypedef ...
DOS Header
0001-01-01 pe
The DOS Header is the first header within a PE file.
This header is prefixed with “MZ” (0x4d 0x5a)
The structure of the DOS header is ...
Read More
DOS Stub
0001-01-01 pe
The DOS stub resides between the DOS Header (MZ header) and the NT Header. It typically prints a messages that states “This program cannot be ...
Read More
Dynamic Link Library
0001-01-01 pe windows
A dynamic-link library (DLL) is a shared library in the Microsoft Windows operating system. This is similar to Shared Object (.so files) on *nix ...
Read More
Export Directory
0001-01-01 pe
A PE file’s export directory contains information about the functions and variables exported from the executable.
This is commonly used in DLL ...
Read More
Import Address Table
0001-01-01 pe
The Import Address Table is a data structure within a PE file that contains information about the addresses of functions imported from other PE files. ...
Read More
NT Header
0001-01-01 pe
The NT header (IMAGE_NT_HEADERS) is a structure within PE files which contains the FileHeader and OptionalHeader headers.
This header can be ...
Read More
Optional Header
0001-01-01 pe
The Optional Header (IMAGE_OPTIONAL_HEADER) is found within PE files and contains metadata required for the operating system to handle and load the ...
Read More
PEBear
0001-01-01 malwareanalysis reversing pe windows
PE Bear is an open-source PE file analyzer written by hasherezade. It runs on Windows or Linux.
https://github.com/hasherezade/pe-bear
Read More