Peimports - based on Go's debug/pe, this package gives quick access to the ordered imports of PE files, with ordinal support

Overview

This code is almost entirely derived from the Go standard library's debug/pe package. That package didn't provide access to ordinal-based entries in the IAT, and for a particular use case it performed more work parsing a PE file than needed. This package is heavily reduced so that ordinals are provided and the object has only an ImportedSymbols method.

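	// f is the already-opened PE file to inspect.
	peObj, err := peimports.NewFile(f)
	if err != nil {
		panic(err)
	}

	// Print the imports in table order; ordinal imports appear as numbers.
	fmt.Println(peObj.ImportedSymbols())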

Will print output such as:

[12:WS2_32.dll 115:WS2_32.dll 11:WS2_32.dll 9:WS2_32.dll 19:WS2_32.dll 21:WS2_32.dll 116:WS2_32.dll 16:WS2_32.dll 23:WS2_32.dll 3:WS2_32.dll 52:WS2_32.dll 4:WS2_32.dll CreateFileA:KERNEL32.dll GetFileSize:KERNEL32.dll SetPriorityClass:KERNEL32.dll SetFilePointer:KERNEL32.dll SetErrorMode:KERNEL32.dll FreeLibrary:KERNEL32.dll GetCurrentProcess:KERNEL32.dll WaitForSingleObject:KERNEL32.dll GetModuleHandleW:KERNEL32.dll GetTickCount:KERNEL32.dll VirtualFree:KERNEL32.dll GetWindowsDirectoryA:KERNEL32.dll WriteFile:KERNEL32.dll GetCommandLineA:KERNEL32.dll LoadLibraryW:KERNEL32.dll TerminateThread:KERNEL32.dll Sleep:KERNEL32.dll CreateSemaphoreA:KERNEL32.dll CreateProcessA:KERNEL32.dll TerminateProcess:KERNEL32.dll ReadFile:KERNEL32.dll ExitThread:KERNEL32.dll ReleaseSemaphore:KERNEL32.dll GetLastError:KERNEL32.dll GetProcAddress:KERNEL32.dll LoadLibraryA:KERNEL32.dll GetExitCodeThread:KERNEL32.dll GetModuleHandleA:KERNEL32.dll VirtualProtect:KERNEL32.dll CloseHandle:KERNEL32.dll DeleteFileW:KERNEL32.dll GetCurrentProcessId:KERNEL32.dll GetTempPathA:KERNEL32.dll CreateThread:KERNEL32.dll WideCharToMultiByte:KERNEL32.dll FormatMessageW:KERNEL32.dll ExitProcess:KERNEL32.dll LocalAlloc:KERNEL32.dll LocalSize:KERNEL32.dll GetPriorityClass:KERNEL32.dll OpenProcess:KERNEL32.dll Process32FirstW:KERNEL32.dll Process32NextW:KERNEL32.dll CreateToolhelp32Snapshot:KERNEL32.dll MultiByteToWideChar:KERNEL32.dll SetProcessPriorityBoost:KERNEL32.dll CopyFileW:KERNEL32.dll GetModuleFileNameW:KERNEL32.dll GetTempPathW:KERNEL32.dll QueueUserAPC:KERNEL32.dll CopyFileA:KERNEL32.dll VirtualAllocEx:KERNEL32.dll GetModuleFileNameA:KERNEL32.dll lstrcatW:KERNEL32.dll WriteProcessMemory:KERNEL32.dll ResumeThread:KERNEL32.dll GlobalLock:KERNEL32.dll GlobalAlloc:KERNEL32.dll GlobalUnlock:KERNEL32.dll GlobalFree:KERNEL32.dll DeleteFileA:KERNEL32.dll GetUserDefaultLCID:KERNEL32.dll GetStringTypeW:KERNEL32.dll QueryPerformanceCounter:KERNEL32.dll GetEnvironmentStringsW:KERNEL32.dll 
FreeEnvironmentStringsW:KERNEL32.dll GetLocaleInfoW:KERNEL32.dll InterlockedExchange:KERNEL32.dll SetConsoleCtrlHandler:KERNEL32.dll GetTimeZoneInformation:KERNEL32.dll RtlUnwind:KERNEL32.dll GetLocaleInfoA:KERNEL32.dll EnumSystemLocalesA:KERNEL32.dll IsValidLocale:KERNEL32.dll HeapReAlloc:KERNEL32.dll SetStdHandle:KERNEL32.dll WriteConsoleW:KERNEL32.dll InitializeCriticalSection:KERNEL32.dll CompareStringW:KERNEL32.dll SetEnvironmentVariableA:KERNEL32.dll CreateFileW:KERNEL32.dll SetEndOfFile:KERNEL32.dll GetProcessHeap:KERNEL32.dll InterlockedCompareExchange:KERNEL32.dll lstrlenW:KERNEL32.dll LCMapStringW:KERNEL32.dll FlushFileBuffers:KERNEL32.dll GetConsoleMode:KERNEL32.dll GetConsoleCP:KERNEL32.dll FatalAppExitA:KERNEL32.dll HeapDestroy:KERNEL32.dll HeapCreate:KERNEL32.dll DeleteCriticalSection:KERNEL32.dll GetFileType:KERNEL32.dll InitializeCriticalSectionAndSpinCount:KERNEL32.dll GetStdHandle:KERNEL32.dll SetHandleCount:KERNEL32.dll RaiseException:KERNEL32.dll HeapSize:KERNEL32.dll GetCurrentThread:KERNEL32.dll GetCurrentThreadId:KERNEL32.dll SetLastError:KERNEL32.dll TlsFree:KERNEL32.dll TlsSetValue:KERNEL32.dll TlsGetValue:KERNEL32.dll TlsAlloc:KERNEL32.dll IsValidCodePage:KERNEL32.dll EncodePointer:KERNEL32.dll DecodePointer:KERNEL32.dll HeapFree:KERNEL32.dll EnterCriticalSection:KERNEL32.dll LeaveCriticalSection:KERNEL32.dll GetSystemTimeAsFileTime:KERNEL32.dll HeapAlloc:KERNEL32.dll HeapSetInformation:KERNEL32.dll GetStartupInfoW:KERNEL32.dll UnhandledExceptionFilter:KERNEL32.dll SetUnhandledExceptionFilter:KERNEL32.dll IsDebuggerPresent:KERNEL32.dll IsProcessorFeaturePresent:KERNEL32.dll GetCPInfo:KERNEL32.dll InterlockedIncrement:KERNEL32.dll InterlockedDecrement:KERNEL32.dll GetACP:KERNEL32.dll GetOEMCP:KERNEL32.dll GetDC:USER32.dll ReleaseDC:USER32.dll CopyIcon:USER32.dll GetDesktopWindow:USER32.dll MessageBoxW:USER32.dll SetSystemCursor:USER32.dll GetClientRect:USER32.dll LoadCursorW:USER32.dll GetSystemMetrics:USER32.dll BitBlt:GDI32.dll 
StretchBlt:GDI32.dll DeleteObject:GDI32.dll SelectObject:GDI32.dll CreateCompatibleDC:GDI32.dll CreateCompatibleBitmap:GDI32.dll GetObjectW:GDI32.dll SetStretchBltMode:GDI32.dll GetDIBits:GDI32.dll AdjustTokenPrivileges:ADVAPI32.dll LookupPrivilegeValueW:ADVAPI32.dll OpenProcessToken:ADVAPI32.dll ShellExecuteA:SHELL32.dll SHGetSpecialFolderPathA:SHELL32.dll CoInitialize:ole32.dll CoUninitialize:ole32.dll CoCreateInstance:ole32.dll 4:OLEAUT32.dll 6:OLEAUT32.dll 8:OLEAUT32.dll GdipGetImageEncodersSize:gdiplus.dll GdiplusStartup:gdiplus.dll GdipCloneImage:gdiplus.dll GdipSaveImageToFile:gdiplus.dll GdiplusShutdown:gdiplus.dll GdipFree:gdiplus.dll GdipAlloc:gdiplus.dll GdipDisposeImage:gdiplus.dll GdipCreateBitmapFromHBITMAP:gdiplus.dll GdipGetImageEncoders:gdiplus.dll]

Notice that the WS2_32.dll imports are numeric, which means they are imported by ordinal number rather than by name.
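How an ordinal entry differs from a named one in a PE import lookup table, as an added example that is not code from peimports or debug/pe: it decodes PE32 and PE32+ thunks into the same `symbol:dll` form as the output above. The `decodeThunks` function and the `sample` bytes are hypothetical and constructed here, and the image is assumed flat, so an RVA is used directly as an offset.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// decodeThunks walks one DLL's import lookup table inside img and returns
// entries as "symbol:dll". Assumption: img is flat, so an RVA is an offset.
func decodeThunks(img []byte, ilt uint32, dll string, pe64 bool) ([]string, error) {
	size, flag := uint64(4), uint64(1)<<31 // PE32: 4-byte thunks, bit 31 = ordinal
	if pe64 {
		size, flag = 8, 1<<63 // PE32+: 8-byte thunks, bit 63 = ordinal
	}
	var out []string
	for off := uint64(ilt); ; off += size {
		if off+size > uint64(len(img)) {
			return out, fmt.Errorf("%s: lookup table runs past end of image", dll)
		}
		v := uint64(binary.LittleEndian.Uint32(img[off:]))
		if pe64 {
			v = binary.LittleEndian.Uint64(img[off:])
		}
		switch {
		case v == 0: // an all-zero thunk terminates the table
			return out, nil
		case v&flag != 0: // import by ordinal: low 16 bits hold the number
			out = append(out, fmt.Sprintf("%d:%s", uint16(v), dll))
		default: // import by name: RVA of a 2-byte hint plus NUL-terminated name
			start, n := (v&0x7fffffff)+2, -1
			if start < uint64(len(img)) {
				n = bytes.IndexByte(img[start:], 0)
			}
			if n < 0 {
				return out, fmt.Errorf("%s: bad hint/name RVA %#x", dll, start-2)
			}
			out = append(out, string(img[start:start+uint64(n)])+":"+dll)
		}
	}
}

// Constructed PE32 sample: ordinals 115 and 3, one by-name thunk (RVA 0x10), terminator.
var sample = append([]byte{0x73, 0, 0, 0x80, 3, 0, 0, 0x80, 0x10, 0, 0, 0, 0, 0, 0, 0,
	0, 0}, "WSAGetLastError\x00"...)

func main() {
	fmt.Println(decodeThunks(sample, 0, "WS2_32.dll", false))
}
```

A truncated table or an unterminated name is returned as an error alongside the entries decoded so far, so a malformed sample still yields a partial import list for triage.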

Owner
Mike Wiacek