This post is part of a series of posts categorized as “Wiki” that contain basic how-to information. The intent is to create a reference repository for myself, but I’m not selfish so if anyone else can also benefit from it then I’m happy to share the knowledge!
strings
- OS: Linux/Windows
- Description: Extract strings from file (ASCII by default)
Helpful Options:
-d --data Only scan the data sections in the file
-n --bytes=[number] Locate & print any NUL-terminated sequence of at least [number] characters (default 4).
-e --encoding=l Unicode strings (16-bit little-endian)
strings2
- OS: Windows
- Description: Extract ASCII and Unicode strings from file or active running process
Helpful Options:
-f Prints the filename/processname before each string.
-r Recursively process subdirectories.
-t Prints the type before each string. Unicode, ascii, or assembly unicode/ascii stack push.
-a Prints only ascii strings.
-u Prints only unicode strings.
-l Minimum number of characters that is a valid string. Default is 4.
-nh No header is printed in the output.
-pid The strings from the process address space for the specified PID will be dumped. Use a '0x' prefix to specify a hex PID.
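Why the encoding and minimum-length options above matter, as an added example (not code from strings or strings2, and only an approximation of what they do): a default ASCII scan never reports a UTF-16LE string, because every character is followed by a 0x00 byte. The helper name extract_strings and the sample buffer are assumptions constructed for this illustration.

```python
import re

PRINTABLE = rb"[\x20-\x7e\t]"  # printable ASCII plus tab


def extract_strings(data, min_len=4, ascii_only=False, unicode_only=False):
    """Return sorted (offset, kind, text) tuples for printable runs in data.

    Hypothetical helper: min_len plays the role of strings -n / strings2 -l,
    ascii_only and unicode_only the role of strings2 -a / -u.
    """
    found = []
    if not unicode_only:
        # ASCII pass: at least min_len consecutive printable bytes.
        ascii_run = PRINTABLE + b"{%d,}" % min_len
        for m in re.finditer(ascii_run, data):
            found.append((m.start(), "ascii", m.group().decode("ascii")))
    if not ascii_only:
        # UTF-16LE pass: each character is a printable byte followed by 0x00,
        # which is why the ASCII pass never sees these strings.
        wide_run = b"(?:" + PRINTABLE + rb"\x00){%d,}" % min_len
        for m in re.finditer(wide_run, data):
            found.append((m.start(), "unicode", m.group().decode("utf-16-le")))
    return sorted(found)


# Constructed sample buffer: a short header, one ASCII string, a 3-character
# run that falls below the default minimum, and one UTF-16LE string.
SAMPLE = (
    b"MZ\x90\x00\x03\x00"
    + b"update.example.test\x00"
    + b"\x01\x02abc\x00\xff\xfe"
    + "wide-config-key".encode("utf-16-le")
    + b"\x00\x00"
)

if __name__ == "__main__":
    # The kind column mirrors what strings2 -t prints before each string.
    for offset, kind, text in extract_strings(SAMPLE):
        print(f"0x{offset:04x} {kind:8} {text}")
```

Lowering the minimum length surfaces short runs such as "abc" at the cost of more noise, so when triaging a file it is worth running both an ASCII and a Unicode pass before concluding a string is absent.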