Difference between revisions of "Executable"
From ForensicsWiki
Joachim Metz (Talk | contribs) (→MZ, PE/COFF) |
Joachim Metz (Talk | contribs) (→DBG, PDB) |
||
| Line 30: | Line 30: | ||
* [https://code.google.com/p/pdbparse/wiki/StreamDescriptions Stream Descriptions], [https://code.google.com/p/pdbparse/ pdbparse project] | * [https://code.google.com/p/pdbparse/wiki/StreamDescriptions Stream Descriptions], [https://code.google.com/p/pdbparse/ pdbparse project] | ||
* [https://code.google.com/p/google-breakpad/source/browse/trunk/src/google_breakpad/common/minidump_format.h minidump_format.h] | * [https://code.google.com/p/google-breakpad/source/browse/trunk/src/google_breakpad/common/minidump_format.h minidump_format.h] | ||
| + | * [http://sourceforge.net/p/mingw-w64/code/HEAD/tree/experimental/tools/libmsdebug/ libmsdebug], by the [[MinGW|MinGW project]] | ||
* [http://moyix.blogspot.ch/2007/10/types-stream.html The Types Stream], by [[Brendan Dolan-Gavitt]], October 4, 2007 | * [http://moyix.blogspot.ch/2007/10/types-stream.html The Types Stream], by [[Brendan Dolan-Gavitt]], October 4, 2007 | ||
Revision as of 06:11, 18 January 2014
|
|
Please help to improve this article by expanding it.
|
An executable file is used to perform tasks according to encoded instructions. Executable files are sometimes also referred to as binaries which technically can be considered a sub class of executable files.
There are multiple families of executable files:
- Scripts; e.g. shell scripts, batch scripts (.bat)
- DOS, Windows executable files (.exe) which can be of various formats like: MZ, PE/COFF, NE
- ELF
- Mach-O
External Links
MZ, PE/COFF
- Wikipedia: Portable Executable
- Microsoft PE and COFF Specification
- Peering Inside the PE: A Tour of the Win32 Portable Executable File Format, by Matt Pietrek, March 1994
- Under the Hood, by Matt Pietrek, July 1997
- An In-Depth Look into the Win32 Portable Executable File Format, by Matt Pietrek, February 2002
- MZ, PE-COFF executable file format (EXE), by the libexe project, October 2011
- The Internal of Reloc .text, Full Disclosure Mailing list, October 21, 2013
DBG, PDB
- Wikipedia: Program database
- Matching Debug Information, by debuginfo.com
- Description of the .PDB files and of the .DBG files, by Microsoft
- Public and Private Symbols, by Microsoft
- DbgHelp Structures, by Microsoft
- Internet Archive: Microsoft Symbol and Type Information, by Microsoft
- Stream Descriptions, pdbparse project
- minidump_format.h
- libmsdebug, by the MinGW project
- The Types Stream, by Brendan Dolan-Gavitt, October 4, 2007
Mach-O
Tools
MZ, PE/COFF
- pefile, multi-platform Python module to read and work with Portable Executable (aka PE) files
PDB
- pdbparse, Open-source parser for Microsoft debug symbols (PDB files)
