DumpPE

Under Construction

This page last updated June 1, 2005

  • DUMPPE.ZIP -- DumpPE is a utility that dumps the internal structures of Windows Portable Executable files (.EXE, .DLL & .DBG). It includes a rough disassembler that can import symbols in COFF, CodeView, .SYM & .PDB format. The disassembler supports the KNI (SSE), 3DNow! and Willamette (SSE2) instruction sets. * New version with cross referencing and Prescott (SSE3) support

  • The tools are free for non-commercial use; donations are always welcome.
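To show the kind of structure DumpPE walks, here is an added example (written for this page, not code from DumpPE or its author) that parses a PE image's DOS header, PE signature, COFF file header and section table in Python. It runs against a constructed in-memory image whose field values are made up, and it bounds-checks every offset before reading, since a malformed e_lfanew or section count is exactly what a dumper must survive.

```python
"""Minimal PE header walker in the spirit of DumpPE: DOS header -> PE signature
-> COFF file header -> section table, with the bounds checks a dumper needs."""
import struct

PE_SIGNATURE = b"PE\0\0"
MACHINE_NAMES = {0x14C: "i386", 0x8664: "x86-64"}
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x80000000

def build_sample_pe():
    """Constructed 1 KiB image (not a real binary): a 64-byte DOS header whose
    e_lfanew points at 0x40, a COFF header with SizeOfOptionalHeader = 0 (so the
    section table follows it directly), and three made-up section headers."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 3, 0x42A2C4F0, 0, 0, 0, 0x0102)
    secs = [(b".text", 0x100, 0x1000, 0x100, 0x200, 0x60000020),  # code, R+X
            (b".data", 0x100, 0x2000, 0x100, 0x300, 0xC0000040),  # data, R+W
            (b".rwx",  0x100, 0x3000, 0x100, 0x300, 0xE0000020)]  # code, R+W+X
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, f)
                     for n, vs, va, rs, rp, f in secs)
    return (dos + PE_SIGNATURE + coff + table).ljust(0x400, b"\0")

def parse_pe(data):
    """Return COFF header fields and the section table, refusing malformed input
    instead of reading past the end of the buffer."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != PE_SIGNATURE:
        raise ValueError("e_lfanew does not point at a PE signature")
    machine, nsec, stamp, _, _, opt_size, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    sec_off = e_lfanew + 24 + opt_size  # section table follows the optional header
    sections = []
    for i in range(nsec):
        off = sec_off + i * 40
        if off + 40 > len(data):
            raise ValueError("section table runs past end of file")
        name, vsize, va, rsize, rptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "va": va, "vsize": vsize, "raw_ptr": rptr, "raw_size": rsize,
                         "chars": chars, "raw_in_file": rptr + rsize <= len(data)})
    return {"machine": MACHINE_NAMES.get(machine, hex(machine)), "timestamp": stamp,
            "characteristics": flags, "sections": sections}

def writable_executable_sections(info):
    """Sections mapped both writable and executable: seen in some packers and
    runtimes, but worth a second look when dumping an unknown binary."""
    both = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return [s["name"] for s in info["sections"] if s["chars"] & both == both]
```

Feeding `open(path, "rb").read()` to `parse_pe` instead of the sample works on real 32- and 64-bit images, because the parser honours SizeOfOptionalHeader rather than assuming a fixed layout.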


    DumpPE is a tool I wrote many years ago to solve the perennial problem of knowing how, and often why, something works the way it does. I work in the device driver arena, and while some things are documented, other details are implied or hidden, and sometimes the documentation is just wrong or misleading.

    In the late eighties, I don't recall exactly when, I discovered a program called Sourcer, a PC disassembler written by Frank van Gilluwe. Compared to the console debugging tools of the day this was something revolutionary. Sourcer is a very powerful disassembler; its power comes from its ability to be controlled by a definition file which the user can edit to iteratively refine the quality of the output. With considerable effort it is possible to get output good enough to reassemble, but to be honest the amount of effort required exceeds that of rewriting the program from scratch.

    When Windows 3.0 was released Andrew Schulman created a "Windows Source" add-on for Sourcer. This also supported OS/2, and I bought it to help with work I was doing with these operating systems. Windows Source consists of some external programs which examine and preprocess Windows executables and generate Sourcer definition files that act as a starting point for a user to disassemble them. Working on new operating systems and drivers has always put me on the bleeding edge of development, and over the years I've interacted with both Frank and Andrew to resolve odd boundary and corner conditions in the software. These types of problem occur because whenever you are dealing with the undocumented aspects of things you have to make assumptions, and sometimes these assumptions need to be corrected when a more complete model is available. In the spring of 1995 Andrew and I got into some extensive discussions about Windows 95 and his Unauthorized Windows 95 book. His book contained a number of tools, some of which are at the foundation of the 32-bit version of Windows Source. Rather than just complain that things didn't work, I sat down and solved some of the issues, coded solutions and found examples that improved the model we were creating. I became a beta tester for the project, and later took it over from Andrew as he pursued other things. Andrew also wrote a small AWK program called DUMPB that was a backend to Microsoft's DUMPBIN program; as I remember it, it tried to clean up the branch and call targets within the listing. It worked OK, but coupled with the flaws in Microsoft's disassembler a better solution was needed, and DumpPE was born. The free version of DumpPE does not contain the code to generate Sourcer definition files found in the Windows Source version, but it is still a very effective tool to quickly examine the inner workings of an executable or driver in Microsoft PE format.

    Over the years DumpPE has been extended and improved to support new processors and additional instructions. It started with 486 and Pentium support, but now supports Pentium Pro, MMX, 3DNow!, Pentium II, Pentium III (Katmai), Pentium IV (Willamette) and most recently the Pentium IV (Prescott). The latest release also contains a cross referencer. In the last couple of months Andrew and I have been collaborating again to bring the next generation of DumpPE to the masses. The changes include improving the code and data analysis, and adding features to better support Andrew's application and his series in Dr. Dobb's Journal.