Login
Login

FlexHex

{{Short description|Hex editor for Microsoft Windows}}

{{Infobox Software

|name=FlexHex

|screenshot=Flexhex.jpg

|developer=Inv Softworks

|latest_release_version=2.7

|latest_release_date={{Start date and age|2018|10|12}}

|programming language=C++

|operating_system=Windows

|language=English

|genre=Hex editor

|license=Proprietary (free for non-commercial use)

|website={{URL|https://www.heaventools.com/flexhex-hex-editor.htm}}

}}

FlexHex is a freeware hex editor for Microsoft Windows that can edit files, NTFS alternate streams and sparse data, OLE compound files, logical disks, and physical drives.{{cite web|url=https://en.wikibooks.org/wiki/X86_Disassembly/Analysis_Tools|title=x86 Disassembly/Analysis Tools|publisher=wikibooks.org}}{{cite web|url=https://digital-forensics.sans.org/blog/2010/09/29/hex-editors-for-malware-analysis|title=6 Hex Editors for Malware Analysis|publisher=SANS Digital Forensics and Incident Response Blog|access-date=2018-06-30|archive-date=2020-01-15|archive-url=https://web.archive.org/web/20200115202357/https://digital-forensics.sans.org/blog/2010/09/29/hex-editors-for-malware-analysis|url-status=dead}}{{cite book|first1=Michael|last1=Sikorski|first2=Andrew|last2=Honig|title=Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software|year=2012|publisher=No Starch Press|isbn=9781593272906}}{{cite book|first=Victor|last=Marak|title=Windows Malware Analysis Essentials|year=2015|publisher=Packt Publishing|isbn=1785281518}}{{cite web|url=http://webdistr.ru/redaktory/redaktor-binarnyj.html|title=Hex-редакторы vs. malware}}{{cite web|url=http://www.malwarefieldguide.com/Chapter_5_STPH.html|title=Malware Forensic Field Guides: Tool Box}}

Technology

FlexHex uses the 'edit stack' model, representing the file being edited as the unchanged original stream and a stack of primitive editing operations. The original file is kept intact and gets modified only when the user selects the Save command. The advantages of this model are 1) the file does not need to be read into memory so there is no file size limit, and 2) an unlimited Undo/Redo list can be implemented simply by traversing the operation stack.

FlexHex is written on Visual C++ and MFC, which makes it very fast while keeping the size small enough.

Features

In addition to the standard features more or less typical for other hex editors, FlexHex offers a few unique ones. Specifically, FlexHex is the only hex editor that can create or edit NTFS alternate streams, sparse files, and OLE structured storage.

  • Edits files, alternate streams, OLE compound files, logical and physical disks,
  • Can edit files up to 8 exabytes long,
  • Includes unlimited Undo and Redo,
  • Allows to define arrays, structures, and unions, and to map them to the file contents,
  • Supports arithmetic and bitwise operations on data,
  • Supports multi-format search, including single-pass search for multiple patterns,
  • Scans file for strings, Unicode strings, or GUIDs,
  • Full and partial comparison of files and streams,
  • Multi-format copy, paste, drag-and-drop,
  • File / selected area printing,
  • CRC-32, MD5, SHA-1, SHA-256 checksums,
  • Cryptographically strong AES-based random number generator,
  • Browsing of registered COM classes.

See also

References

{{Reflist}}

{{DEFAULTSORT:Hxd}}

Category:Hex editors

Category:Programming tools for Windows