Hiew8 DEMO (based on release 8.13) http://www.hiew.ru/ Release notes: version 7.40 New engines are for 64bits disassmbler and assembler with x86-64 commands full support. Added PE32+ format support. Crypt grow up 64bit too. **VERY IMPORTANT**: Command MUL and DIV are changed ! (See section 'Crypt' for details) For migrate previous crypt-program are *attentively* examine use the commands DIV/MUL and replace first line to '[HiewCrypt 6.70]'. Release notes: version 7.00 After a considerable delay version 7.00 of Hiew has been released. There are many new features: - Hiew does not support DOS or OS/2 operating systems any longer. - Hiew now works with files and blocks of any size, so it can be used with all physical and logical drives in the system (provided user has sufficient access rights of course). - Keyboard macros - Progress bar - Fixups highlighting for PE and MZ - Following offset based jumps/calls with one touch (for example, when Hiew encounters a call d,[12345678] instruction, it checks if the value at the offset of 12345678 looks like VA, and assigns this call a number: call d,[12345678] ;.87654321 --- (1) ) - New algorithm for reading the Import Table. - Search speed has been slightly (~5-7%) increased. **VERY IMPORTANT**: Assembler search wildcards have been changed. They are unified with the File wildcards now (see 'String Wildcards') Release notes: version 6.70 Crypt is 32-bit now. Crypt programs (*.cry) are written in text format now. Old binary format from version 5.01 will be supported by current version (6.7x) only! Tho new operators were added: AND, OR. Programs can be up to 32 lines long. Lines starting with ';' treated as comments. Release notes: version 6.60 Support for little-endian ELF executables EDUMP - common dumper for NE/LX/LE/PE/ELF files Release notes: versions 6.29/6.30 32-bit console version for Windows. PEDUMP.EXE - dumper for PE files. All utilities have versions compiled for DOS, OS/2, and Win32 Release notes: version 6.15 Starting with this release HIEW is SHAREWARE. See register.txt for details. Release notes: version 6.00

New features in version 6.00: - "crypt" has been removed (it will be a separate project) - Switching between files specified in the command line moved to CtrlF11/CtrlF12. - Alt- functions moved to Alt-Fn (except for Alt-P, Alt-H, Alt-=). See hiew.hlp for details. - History has been added for string input (PgDn) and file section (press Backspace for menu, Tab to select next file in history). - "ActionAfterWriteSavefile" option removed from the ini-file. - "NextFileSaveOffset" option (preserve current offset for next file) replaced by "NextFileSaveOffset" option (preserve current state for next file) Contents About HIEW Assembler mode (DEMO N/A) Basing Block operations Status bar Keys Bookmarks Jumps (call/jmp) in disassembler mode String wildcards Search and replace Crypt (DEMO N/A) Local and Global offsets Keyboard macros (DEMO N/A) Text string extraction INI file (DEMO N/A) SAV file (DEMO N/A) XLT file structure Command line

About HIEW Basically HIEW is a hex viewer for those who need to change some bytes in the code (usually 7xh to 0EBh). Hiew can view files of unlimited length in text, hex, and disassembler modes. * * * * * * * * * * * * * * * Features: displaying files of any length in text, hex, and decode modes view, edit, search/replace for unicode x86-64 disassembler & assembler physical & logical drive view & edit support for NE, LE, LX, PE, PE32+ and little-endian ELF executable formats support for Netware Loadable Modules like NLM, DSK, LAN,... following direct call/jmp instructions in any executable file with one touch built-in simple 64bit decrypt/crypt system built-in powerful 64bit calculator operations with blocks of arbitrary length: read, write, fill, copy, move, insert, delete, crypt multifile search and replace editing the NewExecutable files header keyboard macros unicode support Hiew Extrenal Module (HEM) support

Assembler mode Not available in DEMO version

For true assemblers! All numbers are hexadecimal by default, but the suffix "t" changes to decimal (e.g. mov al,10t). Possible use string as immed operand (e.g. mov eax,"sign") Constant arithmetics is supported (i.e. mov bx, [123+23-46h] produces same results as mov bx,[100h]). Error messages are very brief (invalid command, syntax error, invalid operand, missing/invalid size). Three non-standart commands exists: jmps = jmp short jmpf = jmp far [mem 16:16/32/64] callf = call far [mem 16:16/32/64] Commands can be assembled different way. Since version 7.40 appeared the possibility of the choice: F4 when entering the assembler command switches to choose from available variants or put the command of the minimum length. Under included options 'nop' will offers the different length from 1-9 bytes. Basing Base is a constant that is added to all offset and jump addresses. If current offset is YY, and you want it to be XX, you can enter "*XX" as a base (note the asterisks!). Pressing Ctrl-F5/Ctrl-F5 produces same result. Block operations Block operations work only in "Hex" and "Decode" modes. You can mark blocks without switching to Edit. Marked block can be written to a file by pressing F2 (PutBlk). To append the block to the end of file, type '*' character. You can load a block from another file by pressing Ctrl-F2 (GetBlk). Block will be loaded at the current offset. Since version 6.10, if nothing is marked in the current file, history is searched for the latest file where the block is marked, and this block is used. Status Bar xx% Filename.ext .dFRO -------- xxx PE xxxxxxxxHiew8 DEMO (c)SEN percentage current progress bar will indicator offset appear here (when BAR=P V in HIEW.INI) neexecutable type V file name > * Text mode: index of the first column kbmacro state: