PEStudio is a debugging and distribution tool that helps users inspect applications before they are started. It can discover security-related details about any application, such as whether anonymous functions are exported, whether obsolete functions are imported, whether Data Execution Prevention (DEP) is used, whether Address Space Layout Randomization (ASLR) is used, whether Structured Exception Handling (SEH) is used, whether an application is 64-Bit capable, whether unused bytes (Caves) are available, and whether Structured Storage is used.
Inspect your applications before you start them with PeStudio.
With PeStudio, you can discover many security relevant details about any application (-.exe, -.dll, -.cpl, -.ocx, -.ax, -.sys, ...) WITHOUT starting it, like:
- whether anonymous functions are exported
- whether obsolete functions are imported
- whether Data Execution Prevention (DEP) will be used
- whether Address Space Layout Randomization (ASLR) is used
- whether Structured Exception Handling (SEH) is used
- whether an application is 64-Bit capable
- whether unused bytes (Caves) are available
- whether Structured Storage is used
- whether an HTTP connection will be made
- whether the file is obfuscated (encrypted, compressed)
Comments