portable-executable

I need to parse plain Win32 DLL/Exe and get all imports and exports from it to show on console or GUI (i.e. Win Forms). Is it possible to parse Win32 DLL/Exe in C#.NET by reading its export/import tables and get managed types from it? As it's unmanaged PE, .NET doesn't allows you to convert unmanaged PE files to managed .NET assemblies, it only generates COM managed assemblies. How can I parse these tables and take all of its methods (signatures) in managed form. (e.g. if char* as argument, it should display as IntPtr). Stephen Cleary Parsing PE files is possible using the Microsoft Portable

So I want to make a space for my code caves in minesweeper.exe (typical Windows XP minesweeper game, link: Minesweeper ). So I modified the PE header of the file via CFF Explorer to increase size of the .text section. I tried increasing raw size of .text segment by 1000h (new size was 3B58), but Windows was unable to locate the entry point and the game failed to launch. Then I tried increasing the size of the .rsrc section, adding a new section, increasing the image size, but none of those attempts were successful, Windows was saying that "This is not x32 executable". So here is the question:

How can I programatically analyze a native DLL to read its imports? [EDIT: my original question looked like the following, along with a huge chunk of defective code. Please see answers below for more correct code.] The C# code located at this link is intended to print the imports of a native DLL. I find that when I run the sample code with the original example's target, MSCOREE.DLL, it prints all the imports fine. But when I use other dlls like GDI32.DLL or WSOCK32.DLL the imports do not get printed. What's missing from this code that would let it print all the imports as, for example, DUMPBIN

I am looking for sample code (or libraries) that can help me validate digital signatures for Windows PE files (.exe, .dll, .cab, .etc) on non-Windows platforms using C++. I am looking for a platform-independent approach. Thanks! You could check at WINE's WinVerifyTrust implementation for a full programmatic way. And, actually, here is a good link How to verify executable digital signatures under Linux? that complains about WINE implementation (that was back in 2008), and thus, explains the process in a quite "portable" way, provided you have something similar to OpenSSL available in your

My goal is to fill in Dll's import table manually in order to hook internal LoadLibrary calls (when you load library it may load another library inside its DllMain). Here is my code which fill in Import table recursively for each dll in dependecies hierarchy and it works fine except some dlls ( api-ms-win-crt-locale-l1-1-0.dll in this case). void PEUtility::fillImportTable(HMODULE loadedModule, FillImportFlag flag, std::function<void(HMODULE&)> callback) { std::stack<HMODULE> modules; modules.push(loadedModule); while (modules.size()) { auto module = modules.top(); modules.pop(); auto