PeStudio shows details about applications (.exe, .dll, .cpl, ocx, .ax, .sys, etc.) without starting them including:
- All libraries that are used by an application.
- All functions that are imported by an application.
- All functions (also anonymous) that are exported by an application.
- All functions that are forwarded to other libraries.
- Obsolete Functions that are exported and imported by an application.
- Whether the Data Execution Prevention (DEP) Windows security mechanism is used.
- Whether the Address Space Layout Randomization (ASLR) Windows security mechanism is used.
- Whether Structured Exception Handling - SEH Windows security mechanism is used.
- Whether some sections are compressed.
No comments:
Post a Comment