Releases: struppigel/PortEx

Release 4.0.7

20 Aug 03:48

Additions:

  • timedatestamps added to ImportDLLs and import report
  • repro debug info added, repro hash extraction
  • reproducibility build checks for timestamps

Bugfixes:

  • misaligned values in RichHeader caused crash
  • added missing DLLCharacteristics (did these change in the last years?)
  • visualizer legend not showing special sections in certain circumstances

Release 4.0.0

11 Feb 07:30

Changes:

  • .NET metadata parsing (ALPHA - currently some features are missing causing wrong output)
  • Rich Header parsing, hashes and checksum verification added
  • Chi squared added
  • corrections for low alignment files
  • linker version descriptions added
  • convenience functions in PEData that perform common tasks: loading resources, pdb path, imports, exports, icon, version info, manifest
  • string table parsing in PEData
  • debug section improvements: newer debug types added, parsing all streams

3.0.3 log4j 2.16.0 update

15 Dec 05:41

Release 3.0.2

12 Dec 05:43
  • log4j2 update to mitigate CVE-2021-44228
  • PortexAnalyzer update to 0.9.2
  • RichHeader parsing added
  • Chi2 added
  • more section names descriptions
  • ImpHash added

Release v.2.0.9

09 Feb 12:29

Updates:

  • visualizer supports showing additional data chunks
  • --visoverlay option for PortExAnalyzer to input data chunks as ".txt" file
  • auto repair for corrupted PE files added
  • --dump option for PortexAnalyzer added
  • process injection detection for anomaly scanning added
  • more section names descriptions added

Bugfixes:

  • ordinal table address after eof fixed, issue #11
  • PortexAnalyzer: bugfix for parent directory for dump output, commit 8fccf7d
  • fix for parsing non-existent ExportOrdinalTable, commit 7c0c0ec

Release v.2.0.8

08 Dec 22:35

Updates:

  • access to StringFileInfo strings of version information resources
  • more overlay and packer signatures
  • visualizer diff image
  • import categories and descriptions
  • started to implement DiffReportCreator

Bugfixes:

  • issue #7: negative seek offset error solved
  • issue #6: export ordinal table with negative entry number fixed
  • issue #6: version fix
  • issue #5: ordinal export table with invalid offset

Release v2.0.6

20 Jan 20:02

Updates:

  • verification of checksum in PE Header
  • string extraction of Unicode, performance improvements
  • time date stamp anomalies added
  • section names typical for certain packers are shown in anomaly description
  • signature patterns are printed with ReportCreator
  • ReportCreator shows file offset for data directories
  • Overlay signatures added
  • version info bugfixes
  • more coloring options for visualizer and better legend

Release v2.0.2

17 Jun 10:11

Changelog

  • manifest parsing added
  • byteplot added to visualization
  • more debug info signatures added
  • proper access to ResourceDataEntry fields and values
  • aligned visualization with default values and for PortexAnalyzer
  • more detailed info in ReportCreator for Optional Header and Data Directories
  • filetype signatures for resources shown via ReportCreator
  • started to implement VT_VERSION parsing
  • started to implement bounds import parsing
  • bugfix with invalid Codeview structure
  • build bugfixes
  • travis added

Release v1.0.1

18 Feb 21:17

Binaries: [central repo](https://oss.sonatype.org/content/repositories/releases/com/github/katjahahn/portex_2.10/1.0.1/)

  • PortEx is now on Maven Central
  • ICO extraction from resources possible, see [Wikipage Resource Section](https://github.com/katjahahn/PortEx/wiki/Resource-Section)
  • Debug section can parse Codeview information
  • Minor bugfixes and typos thanks to https://github.com/HairyFotr
  • Bug in entropy calculation for sections fixed.

Release v1.0

16 Dec 14:55

Initial Release