String Analysis

When exploring binary files it is often useful to run strings to look for interesting data.  I’ve written a simple python script to analyze strings output for IP addresses and domain names.

This script will analyze the output of the strings command and look for IP addresses and domain names. When a potential IP address is found it will attempt a reverse lookup. When a potential domain name is found it will attempt to resolve the name to an IP address.

Usage

$ strings FileName | python strings-analysis.py

You can find the code on my Github.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s