FileInsight v2.1 - Analyzing files in various formats
Secure Computing’s FileInsight helps to inspect and edit
files of various formats. It is specifically designed to aid in analysis of
potentially malicious files.
Opening Files
FileInsight allows to open files for analysis both directly from open the local harddisk, using the Open toolbar button, or by typing a URL into the Web toolbar and clicking the Get button (see screenshot below to the left). Files are displayed in either textual or hexadecimal format, which can be toggled easily via the View as Hex and View as Text toolbar buttons.
Navigating Binary Files
C/C++ data structure declarations (also see Structure Declarations on MSDN) can be directly imported into FileInsight. Simply click the Open toolbar button in the Structures window and choose the .h file to be opened.
Analyzing Data
The Values window displays different interpretations of the data at the current cursor position. A toolbar button allows to toggle between Little-Endian and Big-Endian byte order.
Scripting
Modification of a file’s content can be automated using the builtin JavaScript support (also see A re-introduction to JavaScript).
More information: here
Thanks to our friend, Ams, for sharing this tool with us.
Post scriptum
Compliance Mandates
|
Related Articles
FileInsight |
|
Forensics |
|
Information Gathering |
|
Local auditing |
|