Hexdump or hexadecimal dumping is a way to represent a file in hexadecimal format which helps the investigators to find out some basic things about the file and its contents. This is a primitive way to find out details regarding a file, but this can be helpful if you are doing a black box investigation on a file. The major draw back about this trick is that hexadecimal format is hard to read. 
How to?
Linux:-
How to?
Linux:-
- To do an hexadecimal dump on any Linux machine just open the terminal and type hexdump <filename>. This will generate a flow of hexadecimal stream which keeps on going. To get this stream in a proper representation you might have to pipe it with less or more like hexdump <filename> | less.
- A better version of this command is hexdump -c.
Windows:-
- There is no predefined package in windows to get the hexdump value, thus you might have to download & install the application Hxd which is a hex editor.
- Now select open under the file menu and select your file and that's all.
Note:-
This is the most easy way to find out some basic properties of the file. But this is not effective for more descriptive analysis.
Akun saya terkenak hcak
ReplyDeletehttps://www.facebook.com/profile.php?id=100080415444761
ReplyDelete