Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 09-01-2018, 03:42
hors's Avatar
hors hors is offline
Developer
 
Join Date: Aug 2014
Posts: 71
Rept. Given: 16
Rept. Rcvd 111 Times in 52 Posts
Thanks Given: 27
Thanks Rcvd at 652 Times in 64 Posts
hors Reputation: 100-199 hors Reputation: 100-199
XNTSV system structures viewer

XNTSV program for detailed viewing of system structures such as PEB or TEB.

Download

You can also view kernel structures such as ETHREAD or EPROCESS but for this you need to properly sign the driver on your machine.

The program has templates for such operating systems:

WinXP
WinXPSP1
WinXPSP2
WinXPSP3
Win2003
Win2003SP1
Win2003SP2
WinVista
WinVistaSP1
WinVistaSP2
Win2008
Win2008SP2
Win7
Win7SP1
Win8
Win8.1


There are 2 versions of the program 32 bit and 64 bit
Important: If you have a 64-bit operating system and a 32-bit process is running, information about it can be obtained from the 32-bit version of the program

The program is Open Source and you can find the source code here.

More info
Reply With Quote
The Following User Gave Reputation+1 to hors For This Useful Post:
Insid3Code (09-01-2018)
The Following 8 Users Say Thank You to hors For This Useful Post:
bigboss-62 (09-01-2018), chants (09-01-2018), dj-siba (09-01-2018), Dr.FarFar (04-04-2022), TechLord (09-01-2018), Vosiyons (04-04-2022), wilson bibe (09-01-2018)
  #2  
Old 10-20-2021, 02:04
hors's Avatar
hors hors is offline
Developer
 
Join Date: Aug 2014
Posts: 71
Rept. Given: 16
Rept. Rcvd 111 Times in 52 Posts
Thanks Given: 27
Thanks Rcvd at 652 Times in 64 Posts
hors Reputation: 100-199 hors Reputation: 100-199
Version 3.00

[+] New structs
[+] New translations
[+] Windows 11 support
[+] Custom structs
[+] Many bugs have been fixed

The program supports now:

Windows 7
Windows 7 SP1
Windows 8
Windows 8.1
Windows Server 2016
Windows Server 2019
Windows 10 (all builds)
Windows 11 (build 22000)


Download
Reply With Quote
The Following 3 Users Gave Reputation+1 to hors For This Useful Post:
chants (10-20-2021), MarcElBichon (10-20-2021), niculaita (10-20-2021)
The Following 4 Users Say Thank You to hors For This Useful Post:
chants (10-20-2021), Dr.FarFar (04-04-2022), niculaita (10-20-2021), wilson bibe (10-20-2021)
  #3  
Old 04-02-2022, 19:08
hors's Avatar
hors hors is offline
Developer
 
Join Date: Aug 2014
Posts: 71
Rept. Given: 16
Rept. Rcvd 111 Times in 52 Posts
Thanks Given: 27
Thanks Rcvd at 652 Times in 64 Posts
hors Reputation: 100-199 hors Reputation: 100-199
Version 3.01

[+] Support kernel mode(Need signed driver)
[+] New memory map widget
[+] New modules widget
[+] New features in PE Viewer
[+] New translations
[+] Many bugs have been fixed

Download
Reply With Quote
The Following User Gave Reputation+1 to hors For This Useful Post:
MarcElBichon (04-02-2022)
The Following 7 Users Say Thank You to hors For This Useful Post:
Doit (04-04-2022), Dr.FarFar (04-04-2022), ionioni (04-03-2022), kienmanowar (04-03-2022), niculaita (04-03-2022), user_hidden (04-02-2022), wilson bibe (04-03-2022)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Is there a tool that automatically can determine data structures? binarylaw General Discussion 8 10-29-2020 20:54
IDA can't automatically recognize try/finally structures by Borland compilers WhoCares General Discussion 2 10-09-2004 20:52


All times are GMT +8. The time now is 16:03.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )