Categories /

Programming - Resource Tools (15)

RisohEditor v5.6.7 Updated

Andrew Lee on 13 Jan 2022
  • 7MB (uncompressed)
  • Released on 12 Jan 2022
  • Suggested by rbon

RisohEditor is a resource editor for Win32 development. It supports adding, editing, extracting, cloning and removing resource data in EXE/DLL/RC/RES files. This includes resources such as dialogs, menus, icons, cursors, string tables, message tables etc.

Category:
Runs on:WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: GPL
How to extract: Download the ZIP package and extract to a folder of your choice. Launch RisohEditorPortable.exe.
Similar/alternative apps: ResourceHacker, ResEdit
What's new? See:https://github.com/katahiromz/RisohEditor/releases

PEAnatomist v0.2.7 Updated

Andrew Lee on 7 Jan 2022
  • 438KB (uncompressed)
  • Released on 4 Jan 2022
  • Suggested by billon

PEAnatomist shows almost all known data structures inside a PE file and makes some analytics.
Current version provides an entropy histogram possibly handy for cursory PE forensics

Category:
Runs on:WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: MIT License
How to extract: Download the ZIP package and extract to a folder of your choice. Launch PEAnatomist.exe.
Similar/alternative apps: PPEE, MiTeC EXE Explorer, pestudio
What's new? See:
https://rammerlabs.alidml.ru/changelog-eng.html
Latest comments
__philippe on 2019-12-28 12:07

PE Anatomist changelog history:

https://rammerlabs.alidml.ru/changelog-eng.html

__philippe on 2021-11-05 10:42

PEanatomist notably includes (since v0.2.4) a colorful byte-level entropy(*) histogram of the file under analysis, possibly handy for inquiring minds dabbling in PE forensics ?

* Everything you always wanted to know about entropy histograms but were scared to ask...;-)
https://crucialsecurity.wordpress.com/tag/entropy/

Add comment

pestudio standard v9.26 Updated

Special on 6 Jan 2022
  • 4MB (uncompressed)
  • Released on 6 Jan 2022
  • Suggested by joby_toss

pestudio shows details about applications and other system files (.exe, .dll, .cpl, .ocx, .ax, .sys etc.) without starting them including:

  • Libraries that are used by an application
  • Functions that are imported by an application
  • Functions (also anonymous) that are exported by an application
  • All functions that are forwarded to other libraries
  • Obsolete Functions that are exported and imported by an application
  • If Data Execution Prevention (DEP) Windows security mechanism is used
  • If Address Space Layout Randomization (ASLR) Windows security mechanism is used
  • If Windows security mechanism Structured Exception Handling (SEH) is used
  • Whether some sections are compressed

pestudio standard lacks some features of pro version.

Category:
Runs on:Win2K / WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: Free for personal use/Liteware
How to extract: Download the ZIP package and extract to a folder of your choice. Delete AddToShell.reg and RemoveFromShell.reg. Launch pestudio.exe.
Similar/alternative apps: PPEE, PE Anatomist
What's new? See:
https://www.winitor.com/tools/pestudio/changes.log
Latest comments
__philippe on 2017-11-26 21:39

All righty,... next time round,

the undersigned hereby pledge to abide by the recommendations, protocols,
procedures and regulations set forth by my Right Honourable Friend Midas,
the Member for TPFC's constituency,... cross my heart and hope to die... ;-)

__philippe

Special on 2019-09-14 18:16

Looks like with 8.98 they've removed even more features from the previous 9.87 free version (detect well-known whitelisted libraries/blacklisted resources), funny they don't mention that in the changelog.

MoisheP on 2021-08-15 03:13

v. 9.15 elicits numerous warnings.

See all

MiTeC EXE Explorer v3.1.0

billon on 5 Jan 2021
  • 4MB (uncompressed)
  • Released on 5 Jan 2021
  • Suggested by juvera

MiTeC EXE Explorer reads and displays executable file properties and structure. It is compatible with PE32 (Portable Executable), PE32+ (64bit), NE (Windows 3.x New Executable) and VxD (Windows 9x Virtual Device Driver) file types, as well as .NET executables.

The program identify compiler and packer/protector, enumerates introduced classes, used units and forms for files compiled by Borland compilers. It contains powerfull Resource Viewer that is able to abalyze and display all basic resouce types and some extra ones as JPEG, PNG, GIF, AVI, REGISTRY and Type Library viewer that enumerates all objects and creates import interface unit in Object Pascal language. Every type of resource can be saved to file.

Program data can be output to a text report.

Category:
Runs on:WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: If "File | Persistent Layout" option is enabled, an INI file will be written to '%APPDATA%\MITEC\EXE Explorer'. Also writes to the Registry when "File | Shell Integration" is enabled (saved to 'HKLM\SOFTWARE\Classes\*\shell\EXE Explorer').
Stealth: ? Yes. But only without persistent layout or shell integration; otherwise see "Writes settings to" above.
Unicode support: Yes
License: Free for personal use
How to extract: Download the ZIP package and extract to a folder of your choice. Launch EXE.exe or EXE64.exe (for 64-bit OS).
Similar/alternative apps: PPEE, PEAnatomist, pestudio
What's new? See:
https://mitec.cz/exe.html#VersionHistory
Latest comments
CornHolio the Gringo on 2018-02-06 16:27

All MiTeC software that I use, writes to registry.
MiTeC HexEdit 6.1.0
MiTeC Icon Explorer 4.2.0
MiTeC Mail Viewer 2.3.0
MiTeC Network Scanner 4.0

Therefore Ive used JauntePE060Nightly to make it true stealth.

Add comment

Resource Hacker v5.1.8 (build 360) Updated

Andrew Lee on 16 Dec 2021

Resource Hacker is an utility to view, modify, rename, add, delete and extract resources in 32-bit and 64-bit Windows executables and resource files (*.res). The program can modify program icons as they appear in the taskbar, Start Menu and Desktop, among many other things.

It incorporates an internal resource script compiler and decompiler.

Category:
Runs on:Win2K / WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch ResourceHacker.exe.
Similar/alternative apps: ResEdit, RisohEditor
What's new?
  • Bugfix: Some PNG files were no longer being displayed.
Latest comments
MIKLO on 2016-10-09 14:10

Have been using for quite some time and really like this program. Thanks for a good program.
MIKLO

rbon on 2016-10-15 12:20

Resource Hacker new Beta in 'Portable' zip format.
Changes in 4.5.28
- Update: Numerous changes and improvements to command line support.
- Update: Filenames in resource scripts are no longer required to be enclosed within double quotes unless they contain
spaces.
- 'Portable' zip file: http://www.angusj.com/resourcehacker/resource_hacker_beta.zip

Ennovy on 2020-11-14 14:03

Changes in 5.1.8:
Added: Zooming/scrolling views of image resources
Update: Enabled scrolling for very tall dialogs
Bugfix: Very large binary resources (>>100Mb) could crash the hex editor
Bugfix: Occasional bug decompiling dialogs styles (WS_TABSTOP)
Bugfix: RC file missing when extracting a binary resource type from commandline

See all