DLest #194

Open
DarkCoderSc opened this issue Dec 20, 2022 · 1 comment
Labels
🌀 FLARE-VM A package or feature to be used by FLARE-VM ❔ discussion Further discussion is needed 🆕 package New package request/idea/PR

Comments

@DarkCoderSc

Package Name

dlest

Tool Name

DLest

Package type

ZIP_EXE

Tool's version number

1.0

Category

Utilities

Tool's authors

Jean-Pierre LESUEUR

Tool's description

DLest is a new open-source tool for analysing and manipulating exported functions in PE files. It is efficient for processing large numbers of files and useful for developers and malware analysts.

Download URL

https://github.com/DarkCoderSc/DLest/releases/tag/1-0

Download SHA256 Hash

7f81163dfcc2e76b08eb3fedc4c5f812da58c84046da596b8f856b737e05233a

Why is this tool a good addition?

DLest is a tool that can be used to analyze and manipulate exported functions in Portable Executable (PE) files, particularly dynamic link library (DLL) files. This can be useful for developers and malware analysts in a number of ways.

For developers, DLest can be a helpful tool for analyzing and manipulating exported functions in PE files as part of the development process. For example, a developer may use DLest to enumerate exported functions in a DLL file in order to understand how the DLL is intended to be used or to make changes to the exported functions.

For malware analysts, DLest can be a valuable tool for reverse engineering and incident response. By allowing the analysis of memory-loaded modules in real time, DLest allows malware analysts to analyze and manipulate exported functions in DLL files that may be loaded into memory as part of a malware attack. This can help analysts understand how the malware is functioning and potentially identify ways to mitigate the attack.

Overall, DLest can be a useful tool for anyone working with PE files, particularly DLL files, as it allows for the efficient and fast analysis and manipulation of exported functions. Its ability to analyze memory-loaded modules in real time makes it particularly useful for malware analysts.

@DarkCoderSc DarkCoderSc added the 🆕 package New package request/idea/PR label Dec 20, 2022
@Ana06 Ana06 added the 🌀 FLARE-VM A package or feature to be used by FLARE-VM label Oct 6, 2023
@Ana06 Ana06 added the ❔ discussion Further discussion is needed label Jul 17, 2024
@Ana06
Member

Ana06 commented Jul 17, 2024

@mandiant/flare-vm opinions?

2 participants