Hex editors allow examining and modifying a file at the low level of bytes and bits, usually representing the file's contents in hexadecimal form. Some editors distinguish themselves at helping the user derive meaning from the examined file, extracting ASCII and Unicode contents, searching for patterns, recognizing common structures, and so on. There are lots of hex editors out there; I want to mention a few that I find particularly useful for analyzing malware and examining malicious document files.

FileInsight

FileInsight is a free hex editor from McAfee Labs that runs on Microsoft Windows (download zip file). As expected, it can perform standard hex editor duties, such as viewing and editing file contents in a hex form, but it also does more than that.

FileInsight is able to parse the structure of compiled Windows executables (PE files) and binary Microsoft Office (OLE) documents. Furthermore, the tool has a built-in x86 disassembler: simply point the cursor at the area of the file you want to treat as code, and the tool will show you the corresponding assembly instructions. The disassembler is especially helpful when looking at shellcode embedded in malicious files.

FileInsight includes numerous other analyst-friendly features, such as the ability to import data structure declarations, HTML syntax highlighting, and tools for decoding various data obfuscation methods (xor, add, shift, Base64, etc.).
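
The xor, add and shift decoding mentioned above is usually applied with a single-byte key, so an analyst can simply try every key and look for a known string. The following Python script is an added example, not part of the original article and not FileInsight's own code. It assumes "shift" means an 8-bit rotate, uses the PE DOS stub message as the marker, and runs on a constructed sample; all function names are illustrative.

```python
"""Brute-force single-byte XOR / ADD / rotate encodings to find a known marker."""

# Text found in the DOS stub of most PE files; a common search marker.
MARKER = b"This program cannot be run in DOS mode"


def rol(b: int, n: int) -> int:
    """Rotate an 8-bit value left by n bits (assumed meaning of 'shift')."""
    n %= 8
    return ((b << n) | (b >> (8 - n))) & 0xFF


# name -> (candidate keys, function that decodes one byte with a given key)
DECODERS = {
    "xor": (range(1, 256), lambda b, k: b ^ k),
    "add": (range(1, 256), lambda b, k: (b + k) & 0xFF),
    "rol": (range(1, 8), rol),
}


def find_encoded(data: bytes, marker: bytes = MARKER):
    """Return (method, key, offset) for each decoding under which marker appears."""
    hits = []
    for name, (keys, fn) in DECODERS.items():
        for key in keys:
            # Build a 256-entry lookup table so the whole buffer decodes in one call.
            table = bytes(fn(b, key) for b in range(256))
            offset = data.translate(table).find(marker)
            if offset != -1:
                hits.append((name, key, offset))
    return hits


def build_sample() -> bytes:
    """Constructed sample: OLE magic and padding, then a PE-like stub XORed with 0x5A."""
    filler = b"\xd0\xcf\x11\xe0" + b"\x00" * 28  # 32 bytes, left unencoded
    payload = b"MZ\x90\x00" + MARKER
    return filler + bytes(b ^ 0x5A for b in payload)


if __name__ == "__main__":
    for method, key, offset in find_encoded(build_sample()):
        print(f"{method} key=0x{key:02x} marker at offset {offset}")
```

Note that some keys are equivalent across methods (XOR 0x80 and ADD 0x80 produce identical output), so one buffer can legitimately yield more than one hit.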