Expand description
exe-rs is a library for handling PE files, whether it be building them or analyzing them!
Getting started is easy:
use exe::pe::{PE, VecPE};
use exe::types::{ImportDirectory, ImportData, CCharString};
let image = VecPE::from_disk_file("test/compiled.exe").unwrap();
let import_directory = ImportDirectory::parse(&image).unwrap();
for descriptor in import_directory.descriptors {
println!("Module: {}", descriptor.get_name(&image).unwrap().as_str().unwrap());
println!("Imports:");
for import in descriptor.get_imports(&image).unwrap() {
match import {
ImportData::Ordinal(x) => println!(" #{}", x),
ImportData::ImportByName(s) => println!(" {}", s)
}
}
}Standard PE headers and other types can be found in the headers module, while
helper types can be found in the types module. Low-level functionality for handling
PE data, such as collecting pointers and managing pointers as well as pulling out data, is
handled by the pkbuffer module and the Buffer trait.
Further usage examples can be found in the test file.
Re-exports
pub use crate::headers::*;pub use crate::imphash::*;pub use crate::pe::*;pub use crate::types::*;pub use crate::valloc::*;Modules
This module contains all the headers necessary to parse various aspects of a PE file.
This module only exports a single function. It’s used to contain metadata used to perform
the imphash algorithm.
This module contains the primary traits and types by which PE structures are derived.
This module contains Rust types to help with the parsing of PE files.
For Windows only. This module contains everything needed to interact with
VirtualAlloc
and related functions.Enums
Errors produced by the library.
Traits
Syntactic sugar to calculate entropy on a given object.
Syntactic sugar for producing various hashes of data. Typically applied to
[u8] slices.Functions
Aligns a given
value to the boundary specified by boundary.