Processed through Paypal
No account required.

Donate Bitcoin to this wallet:
Donate Ethereum to this wallet:
Donate Litecoin to this wallet:

  Our merchandise, sold here, helps keep the site alive.  

Facebook Follow @GeekOnTheLoose

 Home » Freeware Downloads » Programming, Coding & Software Development » pelook 1.58   
File - Download pelook 1.58

Always scroll to the bottom of the page to download files on
We don't believe in fake/misleading download buttons and tricks.

pelook 1.58
Pelook is a comprehensive information tool for 32 and 64 bit Windows EXE, DLL, driver and OBJ files (PE/COFF images). This tool is suitable for reverse engineers or anyone needing to delve into the internals of Windows PE files. At first glance, pelook may seem a lot like Microsoft's dumpbin tool, however you'll find it has many additional features and doesn't have the unnecessary verbosity of dumpbin. Rather than blindly dumping fields from the various headers and sections that comprise a PE image, pelook creates an intelligent report of the most useful information in the most compact form possible without sacrificing readibility. Why shouldn't you be able to see the target architecture, dependency DLLs, section list, loader flags, supported .NET framework and version resource all within the same screenful of information and all within the same tool?

Pelook was originally written for the virtual memory map display and pointer to image-file-offset conversions; two features I always needed but never found in other PE dumping tools. Pelook combines the most widely used features in these popular tools in addition to other useful features:

Dumpbin - Microsoft's PE/COFF header dump tool
Depends - Microsoft's Dependency Walker imports/exports tool
filever - Microsoft's version information resource dump tool
clrver - Microsoft's CLR version tool (determine .NET Framework version needed for an EXE)

Some of pelook's features are:

Support for both 32-bit and 64-bit Windows modules (PE32 and PE32+, a.k.a. PE64)
Dump COFF and section headers (Portable Executable/OBJ files)
Dump Data Directory table
Dump Debug Directory Summary (recognition of Microsoft and Borland debug)
Dump import and delay-import dependency DLLs and associated functions (or just a DLL name list in quiet mode)
Resolve full paths to dependency DLLs similar to the Windows loader search
Dump export table
Dump resource tree
Dump initial bytes of entry point or disassemble them; for disassembly feature, download disasmdump and place both executables in same directory
Dump version resource block with the standard entries (or just basic versioning in quiet mode)
Dump exception function table in PE64 images (.pdata section)
Detect and display CLR (.NET) header with versioning information and framework dependencies without needing to run the program (the clrver utility requires this); pelook also has no .NET dependencies
Display module's virtual memory map (pointers and image-file offsets, invaluable for manual hex editing); NOTE: if you want to see RVAs instead of pointers, override the load base with zero (i.e. -b 0)
Easily see memory access attributes for each section (Helps to answer, "Why am I getting an AV when patching code to write to a particular section")
Convert between pointer addresses and image-file offsets right from the command line (useful alongside debugging and hex editing)
The ability to override the preferred load base, affecting the output of pointers, virtual memory layout and exported function entry-points; invaluable for ASLR debugging
Decoding of timestamps and composition of bit flags as well as other named constants using "trimmed" SDK identifiers (e.g. decoding OS, subsystem, characteristics, etc.)
Recognition of EOF data (data at the end of PE image file that is not loaded into virtual memory by the Windows loader)
Automatic calculation and verification of checksum
Import table shows IAT slot column where loader stores runtime address (helpful for setting debugger breakpoints or API hooking)
Display base relocations: pointers, file offsets and target section
Support for parsing and dumping the undocumented Microsoft "Rich" header
Detection of Microsoft toolsets as far back as 1998: Visual C++ (>=6.0) and MASM (>=6.13); also view (compiler id) and @feat.00 values within OBJ files
Unlike most PE tools, pelook supports x86 and x64 COFF OBJ files, in addition to correctly identifying all major 16-bit "MZ" image header formats (e.g. plain DOS, Windows LE, etc.)
Minimal ELF detection (Unix/Linux)
Summary analysis of the DOS header and stub

Requires MSVC runtime dependency

2018-04-18 1.58 -added signatures for VS.NET 7.0 BETA1 (6.15.9030) and BETA2 (7.00.9254)
-added detection for VS.NET BETAs and latest 7.1 to detect MASM tool directly via the MS "Rich" tool ids;
I still need to fill in the the rest of the toolids for other Visual Studio versions

Continue below to download this file.

Downloads Views Developer Last Update Version Size Type Rank
986 1,540 BYTE* <img src=""border="0"> Sep 20, 2018 - 11:46 1.58 39.9KB ZIP 5/5, out of 12 Votes.
File Tags
pelook  1.58  

Whoa, Speedy. Your download link is below
but ya gotta read this first:

Like seeing no ads? No scammy, fake download buttons?
Wondering who's paying for the bandwidth? Well, we're
depending on you. This site operates on the honor system.
If your momma raised you to be honorable, you get to go
nuts downloading all you want after you make a donation.
This is how the ginormous, monthly bandwidth bill gets paid.
No one is stopping you from downloading without donating,
no one except your momma.
Thank you! -Randy & Deanna (The Older Geeks)

Monthly operating costs = $560
Donations for December = $59
Donations over our monthly goal
are set aside for future upgrades.

Processed securely through Paypal.
No PayPal account required.

Donate Bitcoin: 1KkUMXvQ2ko3xcJkzitB7WYgoW6m79WFfm
Donate Ethereum: 0x40E56922F43637224935CDC35e2c96E0392A8505
Donate Litecoin:LLYAFEyqjH69gkyCEpRjXNyedRCWrVChfL

Recent Super Donors ($50+)
Thanks, DrChip Computer Serv.
Thanks, Thomas
Thanks, Dario

Recent Donors
Thanks, George
Thanks, Faccenda Law Firm, LLC
Thanks, Tom
Thanks, Gary
Thanks, Billy
Thanks, Alex
Thanks, jvormelker(dot)com
Thanks, Advanced Systems Engineering
Thanks, Christopher
Thanks, Brian

   →→ Download Now ←← - Click to Rate File -
Like? Share this page on Twitter →

Copyright (c) 2019