XPEViewer
AsmResolver
Our great sponsors
XPEViewer | AsmResolver | |
---|---|---|
3 | 1 | |
868 | 781 | |
- | - | |
10.0 | 8.7 | |
3 days ago | 4 days ago | |
C++ | C# | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
XPEViewer
We haven't tracked posts mentioning XPEViewer yet.
Tracking mentions began in Dec 2020.
AsmResolver
-
Two steps to builder a .NET Trimmer application
However, according to Washi1337, author of AsmResolver (an open source project similar to DnLib), the NativeWrite method tries to preserve the structure of the native code so that the assembly size cannot be reduced. Instead, it may even increase the size of the assembly (see https://github.com/Washi1337/AsmResolver/issues/267). And in the actual use, I found that after modifying these assemblies, the program would fail to start. Checking the Windows event log, I found that it was caused by CLR startup failure. According to Washi1337, if only the native code in the assembly contains ReadyToRun, we can simply remove the ILLibrary flag from the assembly. After all, the optimized assembly still preserves the original IL code. However, after I did what Washi1337 said, the program still failed to start. It is not clear why, because the assembly containing native code can not be tailored well, so I did not go into further research, welcome friends who are proficient in CLR to share experience.
What are some alternatives?
pe-bear-releases - PE-bear (builds only)
Zack.DotNetTrimmer
IL2C - IL2C - A translator for ECMA-335 CIL/MSIL to C language.
sambal - Create executable showing message boxes!
pe-sieve - Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
pe-util - List shared object dependencies of a portable executable (PE)
DIE-engine - DIE engine
Pepper - PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
libpe - Library for parsing internal structures of PE32/PE32+ binary files.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
ddisasm - A fast and accurate disassembler
pe-bear - Portable Executable reversing tool with a friendly GUI