Inspiration

The original idea was to build a parser and then a disassembler for x86. This would allow me to run my Python script on an arbitrary 32-bit PE file and get a sense of the code it will execute. While there are already disassemblers (Ghidra, IDA, etc.) and PE parsers (see PE-bear), I felt that making my own would help me learn more about what these tools are doing under the hood. The other goal was to get familiar with the PE file format.

What it does

The script opens a binary file and starts reading it. It looks for magic bytes to validate that the target file is a PE file and extracts information from the PE headers if so.
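The checks described above, as an added sketch rather than the project's own code: it validates the MZ and PE magic bytes, bounds-checks the offsets read from the file, and pulls a few COFF and optional header fields. The names parse_pe_headers, NotPEError and build_sample are hypothetical, and the sample bytes are constructed for the example.

```python
import struct

PE32_MAGIC, PE32_PLUS_MAGIC = 0x10B, 0x20B  # optional header magic values

class NotPEError(ValueError):
    """The magic bytes or header offsets do not describe a PE image."""

def parse_pe_headers(data: bytes) -> dict:
    # DOS header: "MZ" at offset 0, e_lfanew (offset of NT headers) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPEError("missing MZ magic")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # e_lfanew comes from the file itself, so bounds-check it before reading.
    if e_lfanew + 24 > len(data):
        raise NotPEError("e_lfanew points outside the file")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise NotPEError("missing PE signature")
    # The 20-byte COFF file header follows the 4-byte signature.
    machine, n_sections, timestamp, _, _, opt_size, characteristics = \
        struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    if opt_size < 20 or opt_off + opt_size > len(data):
        raise NotPEError("optional header is truncated")
    (opt_magic,) = struct.unpack_from("<H", data, opt_off)
    if opt_magic not in (PE32_MAGIC, PE32_PLUS_MAGIC):
        raise NotPEError("unknown optional header magic")
    # AddressOfEntryPoint sits at offset 16 in both PE32 and PE32+.
    (entry_rva,) = struct.unpack_from("<I", data, opt_off + 16)
    return {"machine": machine, "sections": n_sections, "timestamp": timestamp,
            "characteristics": characteristics, "optional_magic": opt_magic,
            "entry_point_rva": entry_rva}

def build_sample() -> bytes:
    """Constructed header-only PE32 image (not a real executable)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)  # i386
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 16, 0x1000)  # constructed entry point RVA
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    for key, value in parse_pe_headers(build_sample()).items():
        print(f"{key:16} {value:#x}")
```

Because e_lfanew and SizeOfOptionalHeader are read from the file being analysed, a malformed or hostile sample can point them anywhere; the length checks keep the parser from reading past the buffer.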

How we built it

I followed a blog post that describes the PE file format and wrote a Python script to parse those objects: https://0xrick.github.io/win-internals/pe4/

What's next for PE headers parser

What's next is to write my own x86 disassembler and add that to this project.
