cobya
commented
6 months ago @SimonvanAs can you please provide some documentation on the related build package formats used by VB6? I'm unfamiliar with the tooling there.
Open SimonvanAs opened 7 months ago
cobya
commented
6 months ago @SimonvanAs can you please provide some documentation on the related build package formats used by VB6? I'm unfamiliar with the tooling there.
SimonvanAs
commented
4 months ago First I used Syft on the actual codebase that I had in a filelocation:
But that gave too little information, although it did see the VB virtual machine
We have now used DependencyWalker for the .exe analysis and the .dll decomposition. It looks like this:
I'm not sure this is the information you requested, but the build is done on a 32-bit Windows machine and as far as I'm concerned it 'just' creates .exe files
dylanb6
commented
3 months ago Hi,
This page from Microsoft is a resource regarding the dependencies used by VB6 programs. The use of .dep files under the packaging and setup wizard is a good thread to follow.
However, in the case that an application does not use these, I think it may be worth looking into the source files themselves (e.g. .vbp, .frm, .bas, etc). Opening a couple in Notepad++ yields a list of references and components used by that particular program or form. There's also this thread from VBForums regarding SBOMs for VB6.
Thanks.
Hi, as maintainer of a VB6 project and upcoming law in the EU (NIS2) we are obliged to have an SBoM. WOuld love to be able to integrate https://github.com/microsoft/sbom-tool (which uses the component-detection) in my build pipeline. Any option to include that in the component-detection?