Locked FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis


itsMe


FileInsight-plugins is a large set of plugins for the McAfee FileInsight hex editor. It adds many capabilities such as decryption, decompression, searching XOR-ed text strings, scanning with a YARA rule, code emulation, disassembly, and more! It is useful for various kinds of decoding tasks in malware analysis (e.g. extracting malware executables and decoy documents from malicious document files).

List of plugins (113 plugins)

Basic operations

    Copy to new file
    Copy selected region (the whole file if not selected) to a new file
    Bookmark
    Bookmark selected region with specified comment and color
    Cut binary to clipboard
    Cut binary data of selected region to clipboard as hex-encoded text
    Copy binary to clipboard
    Copy binary data of selected region to clipboard as hex-encoded text
    Paste binary from clipboard
    Paste binary data (converted from hex-encoded text) from clipboard
    Delete before
    Delete the whole region before the current cursor position
    Delete after
    Delete the whole region after the current cursor position
    Fill
    Fill selected region with specified hex pattern
    Invert
    Invert bits of selected region
    Reverse order
    Reverse order of selected region
    Swap nibbles
    Swap each pair of nibbles of selected region
    Swap two bytes
    Swap each pair of bytes of selected region
    To upper case
    Convert text of selected region to upper case
    To lower case
    Convert text of selected region to lower case
    Swap case
    Swap case of selected region

Compression operations
Compress

    aPLib
    Compress selected region with aPLib compression library
    Bzip2
    Compress selected region with bzip2 algorithm
    Gzip
    Compress selected region with gzip format
    LZ4
    Compress selected region with LZ4 algorithm
    LZMA
    Compress selected region with LZMA algorithm
    LZNT1
    Compress selected region with LZNT1 algorithm
    LZO
    Compress selected region with LZO algorithm
    PPMd
    Compress selected region with PPMd algorithm
    QuickLZ
    Compress selected region with QuickLZ compression library
    Raw deflate
    Compress selected region with Deflate algorithm without header and checksum (equivalent to gzdeflate() in PHP language)
    XZ
    Compress selected region with XZ format
    zlib (deflate)
    Compress selected region with zlib (Deflate algorithm)
    Zstandard
    Compress selected region with Zstandard algorithm

Decompress

    aPLib
    Decompress selected region with aPLib compression library
    Bzip2
    Decompress selected region with bzip2 algorithm
    Gzip
    Decompress selected gzip-compressed region
    LZ4
    Decompress selected region with LZ4 algorithm
    LZMA
    Decompress selected region with LZMA algorithm
    LZNT1
    Decompress selected region with LZNT1 algorithm
    LZO
    Decompress selected region with LZO algorithm
    PPMd
    Decompress selected region with PPMd algorithm
    QuickLZ
    Decompress selected region with QuickLZ compression library
    Raw inflate
    Decompress selected Deflate compressed region that does not have header and checksum (equivalent to gzinflate() in PHP language)
    XZ
    Decompress selected XZ compressed region
    zlib (inflate)
    Decompress selected region with zlib (Deflate algorithm)
    Zstandard
    Decompress selected region with Zstandard algorithm

Crypto operations
Decrypt

    AES
    Decrypt selected region with AES
    ARC2
    Decrypt selected region with ARC2 (Alleged RC2)
    ARC4
    Decrypt selected region with ARC4 (Alleged RC4)
    Blowfish
    Decrypt selected region with Blowfish
    ChaCha20
    Decrypt selected region with ChaCha20
    DES
    Decrypt selected region with DES
    Salsa20
    Decrypt selected region with Salsa20
    TEA
    Decrypt selected region with TEA (Tiny Encryption Algorithm)
    Triple DES
    Decrypt selected region with Triple DES
    XTEA
    Decrypt selected region with XTEA (eXtended Tiny Encryption Algorithm)

Encrypt

    AES
    Encrypt selected region with AES
    ARC2
    Encrypt selected region with ARC2 (Alleged RC2)
    ARC4
    Encrypt selected region with ARC4 (Alleged RC4)
    Blowfish
    Encrypt selected region with Blowfish
    ChaCha20
    Encrypt selected region with ChaCha20
    DES
    Encrypt selected region with DES
    Salsa20
    Encrypt selected region with Salsa20
    TEA
    Encrypt selected region with TEA (Tiny Encryption Algorithm)
    Triple DES
    Encrypt selected region with Triple DES
    XTEA
    Encrypt selected region with XTEA (eXtended Tiny Encryption Algorithm)

Encoding operations
Decode

    Hex text to binary data
    Convert hex text of selected region into binary
    Decimal text to binary data
    Convert decimal text of selected region into binary data
    Octal text to binary data
    Convert octal text of selected region into binary data
    Binary text to binary data
    Convert binary text of selected region into binary data
    Custom base16 decode
    Decode selected region with custom base16 table
    Custom base32 decode
    Decode selected region with custom base32 table
    Custom base58 decode
    Decode selected region with custom base58 table
    Custom base64 decode
    Decode selected region with custom base64 table
    Custom base85 decode
    Decode selected region with custom base85 table
    Protobuf decode
    Decode selected region as Protocol Buffers serialized data without .proto files
    From quoted printable
    Decode selected region as quoted printable text
    Unicode unescape
    Unescape Unicode escape sequence of selected region
    URL decode
    Decode selected region as percent-encoded text that is used by URL

Encode

    Binary data to hex text
    Convert binary of selected region into hex text
    Binary data to decimal text
    Convert binary of selected region into decimal text
    Binary data to octal text
    Convert binary of selected region into octal text
    Binary data to binary text
    Convert binary of selected region into binary text
    Custom base16 encode
    Encode selected region with custom base16 table
    Custom base32 encode
    Encode selected region with custom base32 table
    Custom base58 encode
    Encode selected region with custom base58 table
    Custom base64 encode
    Encode selected region with custom base64 table
    Custom base85 encode
    Encode selected region with custom base85 table
    ROT13
    Rotate alphabet characters in selected region by the specified amount (default: 13)
    To quoted printable
    Encode selected region into quoted printable text
    Unicode escape
    Escape Unicode characters of selected region
    URL encode
    Encode selected region into percent-encoded text that is used by URL

Misc operations

    Emulate code
    Emulate selected region as an executable or shellcode with Qiling Framework (the whole file if not selected)
    File comparison
    Compare contents of two files
    Hash values
    Calculate MD5, SHA1, SHA256, ssdeep, imphash, impfuzzy hash values of selected region (the whole file if not selected)
    Send to
    Send selected region (the whole file if not selected) to other programs

Parsing operations

    Binwalk scan
    Scan selected region (the whole file if not selected) to find embedded files
    Disassemble
    Disassemble selected region (the whole file if not selected)
    File type
    Identify file type of selected region (the whole file if not selected)
    Find PE file
    Find PE file from selected region (the whole file if not selected)
    Parse file structure
    Parse file structure of selected region (the whole file if not selected) with Kaitai Struct
    Supported file formats: Gzip, RAR, ZIP, ELF, Mach-O, PE, MBR partition table, BMP, GIF, JPEG, PNG, Windows shortcut
    Show metadata
    Show metadata of selected region (the whole file if not selected) with ExifTool
    Strings
    Extract text strings from selected region (the whole file if not selected)

Search operations

    Regex search
    Search with regular expression in selected region (the whole file if not selected)
    Replace
    Replace matched data in selected region (the whole file if not selected) with specified data
    XOR hex search
    Search XORed / bit-rotated data in selected region (the whole file if not selected)
    XOR text search
    Search XORed / bit-rotated string in selected region (the whole file if not selected)
    YARA scan
    Scan selected region (the whole file if not selected) with YARA

Visualization operations

    Bitmap view
    Visualize the whole file as a bitmap representation
    Byte histogram
    Show byte histogram of selected region (the whole file if not selected)
    Entropy graph
    Show entropy graph of selected region (the whole file if not selected)

XOR operations

    Decremental XOR
    XOR selected region while decrementing XOR key
    Incremental XOR
    XOR selected region while incrementing XOR key
    Null-preserving XOR
    XOR selected region while skipping null bytes and XOR key itself
    XOR with next byte
    XOR selected region while using next byte as XOR key
    Guess multibyte XOR keys
    Guess multibyte XOR keys from the selected region (the whole file if not selected) based on revealed keys that are XORed with 0x00
    Visual encrypt
    Encode selected region with visual encrypt algorithm that is used by Zeus trojan
    Visual decrypt
    Decode selected region with visual decrypt algorithm that is used by Zeus trojan
