#16
|
|||
|
|||
PE_OVL.HEM PlugIn for HIEW32
PE_OVL.HEM PlugIn for HIEW32
for Strip/Add/Save/Goto overlay of PE-EXE file. Logic: Quote:
Quote:
Last edited by dosprog; 06-09-2018 at 15:22. |
The Following 2 Users Say Thank You to dosprog For This Useful Post: | ||
Indigo (07-19-2019), MarcElBichon (05-30-2018) |
#17
|
|||
|
|||
Note about using HEM-plugins
Not only everyone(c) knows that you can speed up
the launch of Plug-Ins using the "hemkeys.ini" file. For example: Quote:
Last edited by dosprog; 05-29-2018 at 07:19. |
#18
|
|||
|
|||
Goto.HEM - PlugIn for HIEW32
GOTO.HEM - HEM-PlugIn for locate some positions in MZ-PE-EXE file.
Menu available: Quote:
Last edited by dosprog; 06-09-2018 at 15:23. |
The Following 5 Users Say Thank You to dosprog For This Useful Post: | ||
Indigo (07-19-2019), kienmanowar (05-30-2018), MarcElBichon (05-30-2018), niculaita (05-30-2018), zeuscane (05-30-2018) |
#19
|
|||
|
|||
Updated 5 PlugIns for manipulate with PE-EXE.
(Now if file opened in Hiew is not PE, then PE_xxxx PligIns not listed in Hiew32 PlugIns Menu). Updated full PlugIns archive. See ->Start Post <- |
The Following User Says Thank You to dosprog For This Useful Post: | ||
Indigo (07-19-2019) |
#21
|
|||
|
|||
you say malware found @github?
how come... or maybe it started to happen after MS bought GH by 7 500 000 000 usd? |
The Following User Says Thank You to sendersu For This Useful Post: | ||
Indigo (07-19-2019) |
#23
|
|||
|
|||
Goto.HEM - PlugIn for HIEW32 (updated)
Goto.HEM - added new option "Goto PE CheckSum".
Menu available: Quote:
Last edited by dosprog; 06-27-2018 at 08:00. |
#24
|
|||
|
|||
Happy NY 2 all
@Jupiter, test, please, HEM-plugin KBD_CYR.HEM with new version 8.66, if possible - because in leaked vmprotected version it doesn't works. |
#25
|
||||
|
||||
@dosprog, The plugin loads in my legal copy. This is the output for characters a-z on an English keyboard.
Code:
https://i.imgur.com/SMnal27.png
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler |
#26
|
|||
|
|||
New plugins released 2020:
--> BASE64.HEM <-- (17 apr 2020) - HEM-PlugIn produces BASE64 string for marked block (16Mb max.) --> SECTOR.HEM <-- (18 apr 2020) - HEM-PlugIn for write sector(s) of disk to a file (256 sectors max.). --> PE_SPLIT.HEM <-- (24 apr 2020) - HEM-Plugin - Split & Join 32-bit PE-file. (Prototype is --> PEU <-- by A.Quincey,1998) --> BL_FILE.HEM <-- (26 apr 2020) - HEM-PlugIn writes selected block to a file with HEX-address as filename. Last edited by dosprog; 05-26-2020 at 19:03. |
The Following User Gave Reputation+1 to dosprog For This Useful Post: | ||
MarcElBichon (05-26-2020) |
#27
|
|||
|
|||
--> PE_TIME.HEM <-- (23 apr 2020) - HEM-Plugin - PE-file LinkTime<-> FileTime.
|
#28
|
|||
|
|||
Another excellent HEM plugin by Tavis Ormandy, view data structures in Kaitai format:
https://github.com/taviso/kiewtai |
#29
|
|||
|
|||
Updated PlugIn MBYTE2.HEM
- Added "Raw" Option. - Fixed "Asm" transtation (removed invalid comma at EOL) Now converted bytes : C-code: Quote:
Asm-code: Quote:
Quote:
Last edited by dosprog; 09-10-2020 at 22:03. |
The Following User Gave Reputation+1 to dosprog For This Useful Post: | ||
MarcElBichon (09-10-2020) |
#30
|
|||
|
|||
Last edited by dosprog; 10-08-2020 at 22:06. |
The Following User Says Thank You to dosprog For This Useful Post: | ||
MarcElBichon (10-08-2020) |
Tags |
hem, hiew |
Thread Tools | |
Display Modes | |
|
|