PE Parsing with WinDbg

This reference provides essential WinDbg commands to manually parse PE (Portable Executable) images and explore key system structures. By mastering these manual PE parsing techniques in WinDbg, analysts gain a deeper understanding of the PE format and lays the groundwork for automating PE parsing and analysis programmatically using languages like C++, enabling the creation of powerful custom tools and workflows, topics covered in SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control.

December 19, 2024

Login to download

PE Parsing with WinDbg Cheat Sheet

Related Content

Security Awareness, Artificial Intelligence (AI), Digital Forensics, Incident Response & Threat Hunting, Cloud Security, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Industrial Control Systems Security, Open-Source Intelligence (OSINT)

December 10, 2024

Top SANS Summit Talks of 2024

This year, SANS hosted 13 Summits from OSINT, ICS, Ransomware, DFIR to HackFest. Here were the top-rated talks of the year.

SANS_-_Blog_-_The_Vulnerability_Assessment_Framework_-_340x340_Thumb.jpg

Offensive Operations, Pen Testing, and Red Teaming

The Vulnerability Assessment Framework: Stop Inefficient Patching Now and Transform Your Vulnerability Management

Vulnerabilities don’t matter! Patching is terrible! Prove me wrong!

Offensive Operations, Pen Testing, and Red Teaming

Penetration Testing: The Shift to Red Team and Purple Team Strategies

Penetration Testing to Red Team is mentality. Red Team is "the practice of looking at a problem or situation from the perspective of an adversary".

Jorge Orchilles