Update Readme

README.md

@@ -12,8 +12,16 @@
 2. 根据 firstmoduledata 中的信息定位到 **pclntab**(PC Line Table)，并从 pclntab 入手解析、恢复**函数符号**，抽取**源码文件列表**；
 3. 解析 **strings** 和 string **pointers**；
 4. 根据 firstmoduledata 中的信息，解析所有 **types** 并为 types 各种属性打上有意义的 comment 或 dref；
-5. 解析 **itab**(Interface Table)；
-6. 以上功能对于 **buildmode=pie** 类型的 Go binary 文件依然有效。
+5. 解析 **itab**(Interface Table)。
+
+Go 语言二进制文件中对逆向分析有帮助的信息如下：
+
+![](./imgs/go_binary_info.png)
+
+另外，**go_parser** 还有两个很有用的特性：
+
+1. 以上功能对于 **buildmode=pie** 类型的 Go binary 文件依然有效；
+2. 对于文件头信息尤其是 Section Header 信息损坏的二进制文件依然有效。
 
 DDGMiner v5029 (MD5: 95199e8f1ab987cd8179a60834644663) 样本中核心的配置文件 struct 解析结果示例如下：
 

README_en.md

@@ -12,8 +12,16 @@ Inspired by [golang_loader_assist](https://github.com/strazzere/golang_loader_as
 2. Locate **pclntab**(PC Line Table) according to the **firstmoduledata** and parse it. Then find and parse and recover function names and source file paths in the pclntab. Source file paths will be printed in the output window of IDAPro；
 3. Parse strings and string pointers, make comment for each string, and make **dref** for each string pointer；
 4. According to firstmoduledata, find each **type** and parse it, meke comment for each attribute of **type**, which will be very convenient for malware researcher to analyze a complex type or data structure definition；
-5. Parse **itab**(Interface Table)；
-6. All those features above are valid for binaries built with **buildmode=pie**.
+5. Parse **itab**(Interface Table).
+
+Helpful information to RE work for Go binaries:
+
+![](./imgs/go_binary_info.png)
+
+And there are two useful feature in **go_parser**:
+
+1. It also work fine for binaries with malformed File Header information, especially malformed Section Headers information;
+2. All those features above are valid for binaries built with **buildmode=pie**.
 
 A config data structure in DDGMiner v5029 (MD5: 95199e8f1ab987cd8179a60834644663) parsing result as below：