This is an awesome compiler/packer detector available on. To spice things up, it is a multiplatform tool and Hex-Rays distributes it in 3 versions (refer to folders win, mac, linux inside efd.zip)Įfd.exe showing info on the efd (MAC version) Being able to view similar info on Windows is really handy. Notably, this is one of not so many tools available on Windows platform that parses Mac executable files – anyone wanting to view the internal info of Mac executables typically uses ‘otool’ on Mac. It is one of not so many dumping tools that supports crazy number of file formats – as per the Hex-Rays page:ĮXE, NE, LE, LX, PE, NLM, XCOFF, COFF, OMF, DBG, PRC, PEF, OS9, N64, PSX, EPOC, AR, AMIGA, ELF, ECOFF, HP SOM, GEOS, OLE2, AIF, AOF, AOUT, PE+, OMF166, MachO, XE/XBE, JPG, CIFF, TMOBJ, MRW, TIFF, MPG, CWLIB XCP.DAT, WMF, DSO, PDB The tool is freely available online on the Hex-Rays web page.
Pretty much everyone heard of IDA Pro and Hex-Rays Decompiler.īut how many heard of Extensive File Dumper? Here are two of them: Extensive File Dumper Still, there are gems out there that are not very popular, yet it is really worth having them at hand during reverse engineering sessions. It is sad to see that many of them rarely reach quality and usability levels as the good-ol’ LordPE, PE Tools, or PEiD. It is easy to find numerous PE viewers, PE editors, PE dumpers, PE identification tools and so on and so forth. There are tones of PE tools out there and lots of them are rehashing the very same ideas over and over again.
0 kommentar(er)
