PE Parsing, but blazing fast

Overview

PE Parser

Build & Test Fuzz

A blazing fast 🔥 PE Parser written in Rust

Motivation

The main goals of pe-parser is to write something suitable for a PE Loader.

Is editing supported?

Currently no, but it wouldn't be too difficult to add from the current backbone.

How does it handle unsual or malformed PEs?

As long as the PE conforms to the standard outlined in Microsoft's documentation, it should read fine. Malformed PEs would likely run into issues of either returning an error or misreading data.

What is parsed right now?

  • COFF Header
  • Optional Header
  • Data Directories
  • Section Tables/Headers

What is not parsed yet?

  • COFF Relocations
  • COFF Line Numbers
  • COFF Symbol Table
  • COFF String Table
  • Certificate Table
  • Delay-Load Import Table
  • .debug Section
  • .drectve Section
  • .edata Section
  • .idata Section
  • .pdata Section
  • .reloc Section
  • .tls Section
  • Load Config Structure
  • .rsrc Section
  • .cormeta Section
  • .sxdata Section
You might also like...
🗝️ Superbacked, but in Rust

Hyperbacked A clone of Superbacked, written in Rust. Basically, it stores secrets securely using printable PDFs that contain encrypted QR-Codes. The e

MCUboot, but in Rust

MCUboot - In Rust This project is the beginnings of a fresh implementation of MCUboot in Rust. At this point, it implements SHA256 image verification,

It's a library AND a binary, but at what cost?

aria-of-borrow It's a library AND a binary, but at what cost? This is a simple toy project that demonstrates the various failure modes of trying to ma

A fast uuid generator in Python using Rust

ruuid A fast UUID generator for Python built using Rust. Its a simple wrapper on top of Rust's UUID crate. How to use? Installation: pip3 install ruui

Automatically deploy from GitHub to Replit, lightning fast ⚡️

repl.deploy Automatically deploy from GitHub to Replit, lightning fast ⚡️ repl.deploy is split into A GitHub app, which listens for code changes and s

fast rust implementation of online nonnegative matrix factorization as laid out in the paper "detect and track latent factors with online nonnegative matrix factorization"

ONMF status: early work in progress. still figuring this out. code still somewhat messy. api still in flux. fast rust implementation of online nonnega

a super fast scientific calculator with dimensional analysis support written in Rust 🦀

larvae a super fast scientific calculator with dimensional analysis support written in Rust 🦀 🐛 heavily inspired from insect Usage: Command mode: $

A fast lean and clean modern constraint programming solver implementation (in rust)

MaxiCP-rs This project aims at implementing a fast, and clean constraint programming solver with a focus on correctness, simplicity, maintainability a

A fast, iterative, correct approach to Stackblur, resulting in a very smooth and high-quality output, with no edge bleeding

A fast, iterative, correct approach to Stackblur, resulting in a very smooth and high-quality output, with no edge bleeding. This crate implements a t

Comments
  • Bump num-derive from 0.2.5 to 0.3.3

    Bump num-derive from 0.2.5 to 0.3.3

    Bumps num-derive from 0.2.5 to 0.3.3.

    Changelog

    Sourced from num-derive's changelog.

    Release 0.3.3 (2020-10-29)

    Release 0.3.2 (2020-08-24)

    Release 0.3.1 (2020-07-28)

    Release 0.3.0 (2019-09-27)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Releases(v0.3.1)
  • v0.3.1(Apr 21, 2023)

  • v0.3.0(Apr 21, 2023)

    • Added arguments to the CLI tool
      • -a, --all Print all sections of PE
      • -c, --coff Print COFF header
      • -o, --optional Print optional section (if present)
      • -s, --section Print section table
    • Added automated tests (see action for how to run tests locally)
    • Numerous fixes and better code practices (should panic less often now)
    • Significantly improved documentation
    • Bitflags renamed
    Source code(tar.gz)
    Source code(zip)
  • v0.2.0(Apr 19, 2023)

    • Created a new PortableExecutable struct to handle parsing of the whole binary and implement pretty printing
    • Fixed some issues with visibility and introduced lib.rs to allow pe-parser to be used as a library
    • Moved secondary parsing actions e.g. u16 -> MachineTypes to traits implemented on each struct for ease of use as a library
    Source code(tar.gz)
    Source code(zip)
Owner
Isaac Marovitz
Hi, I code
Isaac Marovitz
Fast and simple datetime, date, time and duration parsing for rust.

speedate Fast and simple datetime, date, time and duration parsing for rust. speedate is a lax† RFC 3339 date and time parser, in other words, it pars

Samuel Colvin 43 Nov 25, 2022
A fast little combinational parsing library.

neure A fast little combinational parsing library Performance rel is mean release, fat is mean release with lto=fat See examples Example use neure::*;

loren 9 Aug 16, 2023
Fast fail2ban-like tools for parsing nginx logs

Fast2ban This is simple fail2ban-like replacement written in Rust. Usage: ./fast2ban # reads default config.toml from current directory ./fast2ban <co

null 36 May 10, 2023
S-expression parsing and writing in Rust

rsexp S-expression parsing and writing in Rust using nom parser combinators. This implemantion aims at being compatible with OCaml's sexplib. The main

Laurent Mazare 12 Oct 18, 2022
Tutorial for parsing with nom 5.

Nom Tutorial Nom is a wonderful parser combinators library written in Rust. It can handle binary and text files. Consider it where you would otherwise

Benjamin Kay 265 Dec 11, 2022
Lightweight parsing for Rust proc macros

Lightweight parsing for Rust proc macros Venial is a WIP parser for Rust proc macros. When writing proc macros that need to parse Rust code (such as a

Olivier FAURE 148 Dec 30, 2022
Static-checked parsing of regexes into structs

Statically-checked regex parsing into structs. This avoids common regex pitfalls like Off by one capture indexes Trying to get nonexistent captures De

Andrew Baxter 4 Dec 18, 2022
Like wc, but unicode-aware, and with per-line mode

Like wc, but unicode-aware, and with per-line mode

Skyler Hawthorne 34 May 24, 2022
Neofetch but in Rust (rust-toml-fetch)

rtfetch Configuration Recompile each time you change the config file logo = "arch.logo" # in src/assets. info = [ "", "", "<yellow>{host_n

Paolo Bettelini 6 Jun 6, 2022
Parsley, Sage, Rosemary, but no Thyme

Parsley, Sage, Rosemary, but no Thyme A tiny command line tool that runs your command for you and tries to tell you how much longer the damn thing is

Hendrik Sollich 3 Dec 29, 2022