A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #31337  by EP_X0FF
 Thu Mar 15, 2018 6:23 am
Current version 1.5.3 from 8 March 2018
https://github.com/hfiref0x/WinObjEx64/ ... r/Compiled

Release 1.5.0 from 22 Sep 2017
https://github.com/hfiref0x/WinObjEx64/releases

Changelog since last posted information in this thread:

v 1.5.0
added Partition, DxgkCurrentDxgProcessObject objects description
added mailslots viewer dialog
added file properties for drivers (menu -> extras -> Drivers)
added FltConnectionPort object dump
switched to hde instead of ldasm
fixed Wine behavior along with some bugs

v 1.5.1, 1.5.2
are bugfixes/refactoring mostly

v 1.5.3
provides workaround for issue found by diversenok
 #31993  by EP_X0FF
 Thu Aug 16, 2018 8:03 am
v1.5.4

Added display of Process Trust Label for Directory object type.

Links same as above.
 #32969  by EP_X0FF
 Sun Jun 02, 2019 4:47 am
v1.7.4

added software licensing cache view (extras)
resolve apisets while viewing shadow table in Windows 10 20H1 >= 18890 builds
fix displaying sid user/domain information for private namespaces
added refresh (f5) for private namespace dialog

v1.7.3

threads list in processes dialog
view file properties for KisServiceTable/W32pServiceTable dialogs
process/thread/token object properties dialogs
bugfixes

v1.7.2

symbolic link object dump
internal fixes after profiling
support for 19H1 SeCiCallbacks scan
added and updated more object type descriptions

v1.7.1

SeCiCallbacks/g_CiCallbacks, DbgkLmdCallbacks added to the callbacks viewer
Session object view and access rights, merge pull request #8 #9
fixed regression added in 1.7.0
treelist updated


Downloads -> https://github.com/hfiref0x/WinObjEx64/releases