Скачать explorer suite - ПК журнал

ПК журнал
5 просмотров
Рейтинг статьи
1 звезда2 звезды3 звезды4 звезды5 звезд

Скачать explorer suite



Cerbero Suite
Date: present Author: Erik Pistelli
State-of-the-art suite of tools for malware triage and file analysis. Analysis for many file formats including PE, Mach-O, ELF, Java, SWF, DEX, PDF, DOC, XLS, RTF, Zip and many more. Automatic analysis, interactive analysis, Carbon Interactive Disassembler, byte-code disassemblers (.NET MSIL, Java, DEX, ActionScript2/3, VBA, fonts), hex editor with layouts, Windows memory analysis (raw dumps, WinDmp files, hibernation files), JavaScript debugger, extremely rich Python3 SDK, extension support, C++/PDB structures importer, support for projects and bookmarks. Completely multi-platform (Windows, Linux, OS X). Full trial available for download.

Explorer Suite
Date: 18/11/2012 Author: Erik Pistelli
A freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86 and x64.

Date: 1/1/2009 Author: Erik Pistelli
Rebel.NET is a rebuilding tool for .NET assemblies which is capable of adding and replacing methods and streams. It’s possible to replace only a limited number of methods or every method contained in a .NET assembly. The simplicity of Rebel.NET consists in the replacing process: one can choose what to replace. Rebel.NET is, mainly, a very solid base to overcome every .NET protection and to re-create a fully decompilable .NET assembly. As such, Rebel.NET has to be considered a research project, not an encouragement to violate licensing terms.

Phoenix Protector
Date: 1/1/2007 Author: Erik Pistelli
A protection software for .NET assemblies. It provides obfuscation features like Name, String and Control Flow Obfuscation. The last feature is particularly important since it prevents the .NET assembly from being decompiled into an understandable language. The Name Obfuscation is provided with an exclusion list. Also there are some more features. The Phoenix Protector is the ideal solution for every .NET developer, due to its support of every kind of project and compatibility with every version of the .NET framework. If you want to know more, click on the product for a detailed presentation.

Filter Monitor
Date: 17/10/2009 Author: Erik Pistelli
This utility can list kernel mode filters and also unregister them. Monitored filters are, for instance, registry filters, create process and thread notifications. FilterMon comes both for x64 and x86 and it should work on all Windows systems from Vista RTM to Windows 7 RTM. I can’t guarantee that it will work on future versions of Windows as it relies heavily on system internals.

Driver List
Date: 09/10/2009 Author: Erik Pistelli
Very small utility which lists the loaded drivers. The utility is 64-bit compatible and can generate a report file from the list.

VirtualReg Manager
Date: 23/05/2008 Author: Erik Pistelli
VirtualReg Manager is a utility which creates virtual registry files and is also able to edit them through a regedit-like interface. It provides command line support for automation. Feel free to include this application in your freeware. Since it’s a .NET assembly, it works on every Windows platform.

Date: 13/04/2008 Author: Erik Pistelli
DynLogger logs all dynamically retrieved functions by reporting the module name and the requested function. It can come very handy when one wants to know a “hidden” function used by an application. I recycled the code of a bigger project to write this little application. It’s a very small utility, but it might be of use after all. It was tested on XP and Vista, both x86 and x64. It works for .NET application as well. Just start the logging process, the log will be saved after you quit the monitored application.

Читать еще:  Как вытащить музыку из ютуба

Date: 13/04/2008 Author: Erik Pistelli
Vista4Experts is kind of a treat for computer experts who don’t want security center notifications, User Account Control dialogs, automatic Windows Defender scannings, automatic update installations (which cause you to reboot your system if you don’t react quickly enough). People who want MSDN (or google) set as default search engine in the Internet Explorer search bar, who want the start menu power button to shut down the system instead of hibernating it, etc. These and many more fixes are included in Vista4Experts. All of these changes can be discarded, enabled or reversed. Vista4Experts is first the expert utility of its kind and works on every platform.

4GB Patch
Date: 29/11/2007 Author: Erik Pistelli
This very little tool patches x86 executables in order to let them have 4GB (instead of only 2) of virtual memory on x64 platforms. This tool comes very handy for applications which need a great amount of virtual memory like games, 3D renderization, multimedia etc. To gain these 2GB, you just have to use this tool to patch the executable (*.exe file) of the software you want to have these additional GBs of virtual memory. It can be used by clicking on it and choosing the file or through command line (e.g.: “4gb_patch file.exe”). It automatically creates a backup copy of the original executable.

PE Detective
Date: 01/05/2007 Author: Erik Pistelli
A freeware PE identifier. This tool was originally designed to be part of the Explorer Suite II, but it can be downloaded separately as well. The PE Detective can scan single PE files or entire directories (also recursevely) and generate complete reports. The PE Detective is deployed along with the Signature Explorer, which is an advanced signature manager to check collisions, handle, update and retrieve signatures.

WIM Installer
Date: 21/04/2007 Author: Erik Pistelli
A little utility created to handle from a graphical interface and in a extremely easy way setups based on wim images. Regardeless if they have been released by microsoft or not.

Date: 14/05/2006 Author: Erik Pistelli
This is a little freeware software which makes the writing of screenplays for TV and cinema very easy. It follows the standard american indentation rules and provides autocompletion for characters, places and day times. You can also export your scripts in various file formats.

.NET Generic Unpacker
Date: 07/03/2006 Author: Erik Pistelli
This is a program to dump .NET packed applications. Of course no serious .NET protection relies on packing. In fact, this software shows how easily you can unpack a protected assemly. This .NET Generic Unpacker was written in a couple of hours and despite of the fact that it’s very simple, it might turn useful having it: otherwise you have to unpack manually, which is also very easy.

Читать еще:  Не воспроизводится ютуб

Date: 29/11/2005 Author: Erik Pistelli
This tool removes the Strong Name Signature from .NET Assemblies. I had to code it since all the other tools over the internet didn’t work correctly with the new .NET Framework 2.0, which was released a couple of days ago. This tool was coded in plain win32, so like the CFF Explorer it doesn’t need the framework to run.

Date: 04/05/2005 Author: Erik Pistelli
Small utility I wrote for a friend of mine (who needed it for work), it preserves files from deletion in a directory that you choose.

AntiMida 1.0
Date: 10/04/2005 Author: Erik Pistelli
The AntiMida 1.0. Here you find the project files and a compiled executable. For more information read the article.


Qt MetaData IDAPython Script
Date: 28/11/2008 Author: Erik Pistelli
Little IDAPython script to extract Qt metadata from binary files. For more information about this source, read the article about Qt Internals & Reversing.

Date: 30/04/2008 Author: Erik Pistelli
DisasMSIL is a free/open disasm engine for the Microsoft Intermediate Language (MSIL). You can use it any context you wish. There are no license restrictions. The only thing I ask you to do is to send me your bug fixes (if any). For more information about this project, read the article.

Small Application Wizard
Date: 21/8/2006 Author: Erik Pistelli
A wizard designed for Visual Studio .NET (2005) to build small applications with just a few clicks. The package includes a small libc. If you’re interested in knowing more about this project, read the article.

Manifest Resources Class
Date: 09/11/2004 Author: Erik Pistelli
A Class to handle the Manifest Resource format. For more information read the article.

Date: 09/11/2004 Author: Erik Pistelli
The Anti-WindowsFileProtection. Here you find the project files and a compiled executable. For more information read the article.

Explorer Suite

Download the Explorer Suite
Current Version: III (18/11/2012)

Small announcement: If you or your organization needs professional PE inspection (not editing), then take a look at Cerbero Suite (the commercial product of my company), which properly supports many file formats beyond the complete Portable Executable specification. It’s multi-platform (Windows, OS X & Linux) and it comes as a free unlimited trial. Check out its awesome tools like the Carbon Interactive Disassembler and the hex editor!

Created by Erik Pistelli, a freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86 and x64.

– Explorer Suite (Multi-Platform Version, Recommended)
SHA1: 89CAB44D4956210570AB3123FBF13B2B7D870B91
SHA256: 94F4348EC573B05990B1E19542986E46DC30A87870739F5D5430B60072D5144D

– CFF Explorer (x86 Version, stand-alone, Zip Archive)
SHA1: 7A287CD97BD9287C020C98C3496E284D04F5382D
SHA256: 8E72BCB9C6E83F188F4A259AD039ED3CC37CDF2C3EA12B00F0DF8D8B67E96D96

CFF Explorer was designed to make PE editing as easy as possible, but without losing sight on the portable executable’s internal structure. This application includes a series of tools which might help not only reverse engineers but also programmers. It offers a multi-file environment and a switchable interface.

Also, it’s the first PE editor with full support for the .NET file format. With this tool you can easily edit metadata’s fields and flags. If you’re programming something that has to do with .NET metadata, you will need this tool. The resource viewer supports .NET image formats like icons, bitmaps, pngs. You’ll be able to analyze .NET files without having to install the .NET framework, this tool has its own functions to access the .NET format.

Читать еще:  Аккаунт ютуб зарегистрироваться

Useful links:


  • Process Viewer
  • Drivers Viewer
  • Windows Viewer
  • PE and Memory Dumper
  • Full support for PE32/64
  • Special fields description and modification (.NET supported)
  • PE Utilities
  • PE Rebuilder (with Realigner, IT Binder, Reloc Remover, Strong Name Signature Remover, Image Base Changer)
  • View and modification of .NET internal structures
  • Resource Editor (full support for Windows Vista icons)
  • Support in the Resource Editor for .NET resources (dumpable as well)
  • Hex Editor
  • Import Adder
  • PE integrity checks
  • Extension support
  • Visual Studio Extensions Wizard
  • Powerful scripting language
  • Dependency Walker
  • Quick Disassembler (x86, x64, MSIL)
  • Name Unmangler
  • Extension support
  • File Scanner
  • Directory Scanner
  • Deep Scan method
  • Recursive Scan method
  • Multiple results
  • Report generation
  • Signatures Manager
  • Signatures Updater
  • Signatures Collisions Checker
  • Signatures Retriever

Explorer Suite III

Программы / Разработка / Редакторы кода / Explorer Suite III

Разработчик:Daniel Pistelli (cм. другие программы)
Сайт:Explorer Suite III

 Прежде, чем скачивать: БЕСПЛАТНО проверьте Windows на наличие ошибок. Также рекомендуем быстро обновить устаревшие драйверы.

Скачать Explorer Suite III

 Для скачивания будет предоставлена ссылка на дистрибутив программы на сайте компании-разработчика.

Обзор Explorer Suite III (автоматический перевод)

Explorer Suite является пакетом утилит включая вызванный CFF Explorer Редактора PE и средство просмотра процесса. Это — измельченная работа повреждения, потому что пакетом NTCORE утилит является полностью.NET, поддерживаемый внутренне.

Фактически, это было разработано для, перепроектирует и программисты, у которых есть большая работа, включающая метаданные.NET.

Из-за Explorer Редактирование PE стало действительно простым. Его список функций должен лучше всего быть просмотрен онлайн, поскольку это становится таким длинным, Вы не знали бы, как использовать все это. В этом впечатляющем списке Вы найдете самосвал памяти, Windows и средства просмотра Процесса, Специальный.NET поддерживал полевые описания и модификации. Существуют редакторы и существуют утилиты, соединяющиеся со сканером и обработкой документов с определенным вниманием на добавление подписи и получение. Вы могли также установить свой CFF Explorer для генерации любых отчетов, в которых у Вас может быть потребность, делая это бизнес-разумным инструментом.

Некоторые его функции являются Средством просмотра Процесса; Windows Viewer; PE и Самосвал Памяти; Специальное полевое описание и модификация (поддерживаемый.NET); Полная поддержка PE32/64; Утилиты PE; Фирма по модернизации PE; Редактор Ресурса (полная поддержка значков Windows Vista); Представление и модификация.NET внутренние структуры; Поддержка в Редакторе Ресурса для ресурсов.NET; HEX-редактор; Сумматор Импорта; проверки целостности PE.

Тогда существует список меньших утилит. Утилиты, такие как они в основном принимают форму дополнений к основным утилитам. Здесь у Вас есть менеджеры по реестру, менеджеры по файлам и много патчей. Эта программа кажется довольно сложной. Это кажется более нацеленным на компьютерный здравый смысл тогда на новичке, которому просто нравится включать его PC. Но предлагаемые функции являются ясно инструментами, которых мы можем только обойтись без, делая менее важную работу.

Если Вы хотите видеть процессы в x64 или машине Itanium, Вы должны загрузить нужную версию с сайта разработчиков.

Ссылка на основную публикацию
ВсеИнструменты 220 Вольт