InfoSec‎ > ‎

Reverse Engineering


GNU file
PE Tools
nm (dumpbin for windows): information about symbols embedded into binary files (if not stripped)
ldd ("dumpbin /depedents" for windows): list dynamic dependencies (for dynamically linked binaries)
c++filt: determines the compiler that generated the mangled name (if function overloading is used) of functions in the binary (if they exists) p.47 of ida
strings: extract strings of >4 ASCII characters
ndisasm, diStorm: stream disassemblers. Useful for working with binaries created by metasploit (msfpayload), or analysis of shellcodes in network packets