๐ Carving PE Files With pecheck.py
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: blog.didierstevens.com
I added a feature to my tool pecheck.py to help extract embedded PE files from any host file: -l โlocate. pecheck.py expects a PE file as input, but if you use option -l P, it will read any file an look for embedded PE files by searching for a DOS header (MZ) followed by a [โฆ] ...