Skip to content

v0.3.3

Compare
Choose a tag to compare
@hasherezade hasherezade released this 24 Jan 00:03
· 305 commits to master since this release

📖 README.md

BUGFIX

  • Fully redesigned IAT scan, providing much better precision (Issues: #98, #92, #77)
  • Fixed processing PEs with relocation table containing empty records (hasherezade/libpeconv#30)
  • Fixed false positives in some of the code scans

FEATURE

  • Added optional caching (Issue #94)
  • Improved auto-detection of import reconstruction mode (/imp A) : set R0, R1 modes depending on the sizes of found IATs of particular types
  • Do not exclude .NET modules from code scan. Improved filtering of the changes typical for .NET.
  • Changed reporting of IAT hooks to the format consistent with inline hooks reports ( more details here )

See also: HollowsHunter v0.3.3 & MalUnpack v0.9.1 with the latest PE-sieve

pesieve_033