The portable executable (PE) file format is a one of the most important to understand when reverse engineering, performing malware analysis or even as a penetration tester. In this video, we'll take a deep dive into the export table to get a good understanding of how libraries export code. You'll learn the key structures that contain the export information, along with how to navigate these structures in a hex editor and a debugger. This allows you to not only identify when software is resolving its own import table, but also enables you to understand how to do it yourself. These discussions will lead to further videos in which we look at samples that employ these techniques and get handson experiencing analyzing them.
Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
Courses on Pluralsight https://www.pluralsight.com/authors/j...
YouTube Like, Comment & Subscribe!
Support my work / joshstroschein
Follow me / jstrosch , / joshstroschein
⚙ Tinker with me on Github https://github.com/jstrosch
Tools: 010 Editor, PEStudio, DetectItEasy, WinDbg