Hi!
I'm new to this list but I'd like to help on a few parts of the PE parsing
apparati. I will be reviewing the source this week.
Is there any objection to a -v (verbose) flag which would output offsets to header references to the specified objects, to assist with manual image inspection?

Typically I use automated tools to an extent, but another feature I'd like to add is actual PE extraction if the executable was fully loaded into memory (say the file self-removes, or a rootkit lives only in RAM). This way we could plug things directly into objdump or another disassembler of choice (IDA Pro here).
Thoughts? Suggestions?
Regards,
Jason Reynolds
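The two features proposed above, as an added illustration that is not part of the original message or of the project's code: a header walker that reports the file offset of every PE header structure (the sort of thing a -v flag would print), and an "unmap" step that rebuilds the on-disk layout from a memory-loaded image by copying each section from its VirtualAddress back to its PointerToRawData. The sample PE is constructed in `build_sample()` and is not a real binary; `map_image()` plays the role of the loader so the round trip can be checked offline.

```python
"""Minimal PE header walker plus memory-image unmapper.
Added example; the sample image below is constructed, not a real binary."""
import struct

# IMAGE_SECTION_HEADER: Name, VirtualSize, VirtualAddress, SizeOfRawData,
# PointerToRawData, PtrRelocs, PtrLinenums, NumRelocs, NumLinenums, Characteristics
SECTION_FMT = "<8sIIIIIIHHI"
SECTION_SIZE = struct.calcsize(SECTION_FMT)  # 40 bytes


def parse_headers(data):
    """Locate each header in a PE image (file or memory layout; both keep the
    headers at offset 0) and return their offsets plus the section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad e_lfanew / missing PE signature")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    nsections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20                                       # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):                       # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # These field offsets are the same for PE32 and PE32+.
    section_align, file_align = struct.unpack_from("<II", data, opt + 32)
    size_of_image, size_of_headers = struct.unpack_from("<II", data, opt + 56)
    sect_tbl = opt + opt_size
    sections = []
    for i in range(nsections):
        off = sect_tbl + i * SECTION_SIZE
        f = struct.unpack_from(SECTION_FMT, data, off)
        sections.append({"name": f[0].rstrip(b"\0").decode(), "offset": off,
                         "vsize": f[1], "va": f[2], "raw_size": f[3], "raw_ptr": f[4]})
    return {"e_lfanew": e_lfanew, "coff": coff, "optional": opt, "magic": magic,
            "section_table": sect_tbl, "section_align": section_align,
            "file_align": file_align, "size_of_image": size_of_image,
            "size_of_headers": size_of_headers, "sections": sections}


def verbose_report(data):
    """Lines a -v flag might print: where each header structure lives."""
    h = parse_headers(data)
    lines = ["DOS header @ 0x0",
             "PE signature @ 0x%x" % h["e_lfanew"],
             "COFF header @ 0x%x" % h["coff"],
             "Optional header (magic 0x%x) @ 0x%x" % (h["magic"], h["optional"]),
             "Section table @ 0x%x" % h["section_table"]]
    for s in h["sections"]:
        lines.append("  %-8s hdr @ 0x%x  VA 0x%x  raw @ 0x%x (%#x bytes)"
                     % (s["name"], s["offset"], s["va"], s["raw_ptr"], s["raw_size"]))
    return lines


def map_image(filedata):
    """Stand-in for the loader: place headers and sections at their VAs."""
    h = parse_headers(filedata)
    mem = bytearray(h["size_of_image"])
    mem[:h["size_of_headers"]] = filedata[:h["size_of_headers"]]
    for s in h["sections"]:
        raw = filedata[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]
        mem[s["va"]:s["va"] + len(raw)] = raw
    return bytes(mem)


def unmap_image(mem):
    """Rebuild the on-disk layout from a memory-loaded image so objdump/IDA
    can open it: headers stay at 0, each section goes back to PointerToRawData."""
    h = parse_headers(mem)
    end = max([h["size_of_headers"]] + [s["raw_ptr"] + s["raw_size"] for s in h["sections"]])
    out = bytearray(end)
    out[:h["size_of_headers"]] = mem[:h["size_of_headers"]]
    for s in h["sections"]:
        if s["raw_size"] == 0:          # e.g. .bss: nothing file-backed to restore
            continue
        chunk = mem[s["va"]:s["va"] + s["raw_size"]]
        out[s["raw_ptr"]:s["raw_ptr"] + len(chunk)] = chunk
    return bytes(out)


def build_sample():
    """Construct a tiny two-section PE32 file image (constructed test data)."""
    file_align, sect_align, opt_size = 0x200, 0x1000, 0xE0
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<II", opt, 32, sect_align, file_align)
    struct.pack_into("<II", opt, 56, 0x3000, 0x200)                  # SizeOfImage, SizeOfHeaders
    secs = [(b".text", 0x10, 0x1000, 0x200, 0x200, 0x60000020, b"\xcc" * 0x10),
            (b".data", 0x10, 0x2000, 0x200, 0x400, 0xC0000040, b"\xaa" * 0x10)]
    table = b"".join(struct.pack(SECTION_FMT, n, vs, va, rs, rp, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, rp, ch, _ in secs)
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + table).ljust(0x200, b"\0")
    body = b"".join(d.ljust(rs, b"\0") for _, _, _, rs, _, _, d in secs)
    return headers + body


if __name__ == "__main__":
    sample = build_sample()
    print("\n".join(verbose_report(sample)))
    assert unmap_image(map_image(sample)) == sample
```

The round trip only restores what the file-backed section bytes looked like at dump time: imports already resolved by the loader, relocations applied, and any headers the image deliberately wiped stay that way, which is usually acceptable for disassembly but worth noting in a -v report.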