PE Parsing, but blazing fast

Isaac Marovitz

Last update: Apr 21, 2023

Overview

PE Parser

A blazing fast 🔥 PE Parser written in Rust

Motivation

The main goals of pe-parser is to write something suitable for a PE Loader.

Is editing supported?

Currently no, but it wouldn't be too difficult to add from the current backbone.

How does it handle unsual or malformed PEs?

As long as the PE conforms to the standard outlined in Microsoft's documentation, it should read fine. Malformed PEs would likely run into issues of either returning an error or misreading data.

What is parsed right now?

COFF Header
Optional Header
Data Directories
Section Tables/Headers

What is not parsed yet?

COFF Relocations
COFF Line Numbers
COFF Symbol Table
COFF String Table
Certificate Table
Delay-Load Import Table
.debug Section
.drectve Section
.edata Section
.idata Section
.pdata Section
.reloc Section
.tls Section
Load Config Structure
.rsrc Section
.cormeta Section
.sxdata Section

🗝️ Superbacked, but in Rust

Hyperbacked A clone of Superbacked, written in Rust. Basically, it stores secrets securely using printable PDFs that contain encrypted QR-Codes. The e

46 Jan 26, 2023

MCUboot, but in Rust

MCUboot - In Rust This project is the beginnings of a fresh implementation of MCUboot in Rust. At this point, it implements SHA256 image verification,

4 Oct 28, 2023

A fast uuid generator in Python using Rust

ruuid A fast UUID generator for Python built using Rust. Its a simple wrapper on top of Rust's UUID crate. How to use? Installation: pip3 install ruui

19 Jul 13, 2022

Automatically deploy from GitHub to Replit, lightning fast ⚡️

repl.deploy Automatically deploy from GitHub to Replit, lightning fast ⚡️ repl.deploy is split into A GitHub app, which listens for code changes and s

78 Dec 22, 2022

fast rust implementation of online nonnegative matrix factorization as laid out in the paper "detect and track latent factors with online nonnegative matrix factorization"

ONMF status: early work in progress. still figuring this out. code still somewhat messy. api still in flux. fast rust implementation of online nonnega

2 Apr 10, 2020

a super fast scientific calculator with dimensional analysis support written in Rust 🦀

larvae a super fast scientific calculator with dimensional analysis support written in Rust 🦀 🐛 heavily inspired from insect Usage: Command mode: $

2 Jan 10, 2022

A fast lean and clean modern constraint programming solver implementation (in rust)

MaxiCP-rs This project aims at implementing a fast, and clean constraint programming solver with a focus on correctness, simplicity, maintainability a

5 Dec 10, 2022

A fast, iterative, correct approach to Stackblur, resulting in a very smooth and high-quality output, with no edge bleeding

A fast, iterative, correct approach to Stackblur, resulting in a very smooth and high-quality output, with no edge bleeding. This crate implements a t

8 Nov 22, 2022

Macro for fast implementing serialize methods in serde::Serializer trait

impl_serialize! This library provides a simple procedural macro for fast implementing serialize methods in serde::Serializer trait. [dependencies] imp

2 Sep 6, 2022

Comments

Bump num-derive from 0.2.5 to 0.3.3
Bumps num-derive from 0.2.5 to 0.3.3.

Changelog

Sourced from num-derive's changelog.

Release 0.3.3 (2020-10-29)

Make NumOps work with no_std -- thanks @jedrzejboczar!

Release 0.3.2 (2020-08-24)

Add #[inline] to all derived functions -- thanks @Amanieu!

Release 0.3.1 (2020-07-28)

Add num_traits proc_macro helper for explicit import - thanks @jean-airoldie!

Provide nicer parse errors and suggest "full-syntax"

Release 0.3.0 (2019-09-27)

Updated the proc-macro2, quote, and syn dependencies to 1.0, which raises the minimum supported rustc to 1.31.

Commits

61a6e52 Merge #41

b968aa7 Release 0.3.3

27390e8 Make licensing more explicit

bf5b106 Expand no_std tests in CI

e718189 Use ::core::ops when deriving NumOps to work with no_std

2d19853 Merge #40

2e86b33 Release 0.3.2

5e7e58c Add #[inline] to all function generated by #[derive]

d5ddaed Add a release note for #35

77c551f Merge #39

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0

Releases(v0.3.1)

v0.3.1(Apr 21, 2023)
Fix many panics

Added fuzzing

Source code(tar.gz)
Source code(zip)
v0.3.0(Apr 21, 2023)
Added arguments to the CLI tool

-a, --all Print all sections of PE

-c, --coff Print COFF header

-o, --optional Print optional section (if present)

-s, --section Print section table

Added automated tests (see action for how to run tests locally)

Numerous fixes and better code practices (should panic less often now)

Significantly improved documentation

Bitflags renamed

Source code(tar.gz)
Source code(zip)
v0.2.0(Apr 19, 2023)
Created a new PortableExecutable struct to handle parsing of the whole binary and implement pretty printing

Fixed some issues with visibility and introduced lib.rs to allow pe-parser to be used as a library

Moved secondary parsing actions e.g. u16 -> MachineTypes to traits implemented on each struct for ease of use as a library

Source code(tar.gz)
Source code(zip)