10.05
Remember how last week we decided not to publish some tools? Well it has been brought to our attention that we can publish the binaries and later publish the source with the next TitanEngine update which is very close as it is. That is why this Monday we decided to publish TitaniumOverlay tool.
As stated last week, TitaniumOverlay is a very simple PeID plugin designed to aid in packed binary analysis. Specifically to aid in install format overlay analysis. Being that most install formats store interesting information inside overlay tool that can extract, copy, remove and add overlay can come in handy. Tool itself also informs the user about location and the size of the overlay so that you can go to that location with your favorite hex editor and inspect or manipulate the data.
Don't get confused by the empty selected file field in the plugin's main window. That field is reserved only for adding data to overlay or moving overlay from one PE file to another. So depending on the action you want to perform you either select a PE file (in case you are moving overlay from one PE file to another) or a binary file if you are appending data as an overlay to PE file.
This plugin makes use of TitanEngine overlay functions and its full source will be available with the next TitanEngine release.
Download TitaniumOverlay PeID plugin
