-
See also the Binary analysis post Windows uses as format for the executeable files the PE Portable Executeable format. This is a binary format which can be used as a English (light ‘xkcd’) — Imgur has a graphical overview.
-
PE Portable Executung or DLL Dynamic Linking Libraries can be edited to remove or add capabilities or own code. Read and modify a PE file The following Python3 script reads a file, prints out a header, modified it to remove ASLR and write a new file without this flag. f = pefile.PE('filename.exe') print(hex(f.OPTIONAL_HEADER.DllCharacteristics)) // print as hex to…