Skip to content

v0.2
Compare
Choose a tag to compare
@hasherezade hasherezade released this 12 Jun 12:42
· 1197 commits to master since this release
v0.2
0d34020

pic20

FEATURE

  • More flexibility in reconstruction of Import Table (added new options to the /imp parameter)
    • Including: reconstructing Import Table from the scratch (Issue #34)
    • Import reconstruction can be applied on all the detected PEs (not only on the implanted ones)
  • Reconstructing partially overwritten sections characteristics in the implanted PE
  • Dumping PE implants that could not be reconstructed with an extension .corrupt_dll/corrupt_exe
  • Added build date to the banner

REFACTORING

  • Refactored PE dumping and import recovery
Assets 8
Loading