Quick Tutorial: How to Use hexdump for Security Analysis

Hexdump is a utility developed in the C program to identify the contents of binary files in hexadecimal, decimal, octal, or ascii format. In simple words, This tool is able to display the contents of any files in different readable formats.

This tool is basically used for reverse engineering and data discovery. If you are analyzing some files and binaries, hexdump provides you a readable format of the same file. This tutorial covers a brief guide to know hexdump utility.

Installation

hexdump is pre-installed on many Linux distributions. I am here using Kali Linux, a security testing framework, for demonstration purposes.

Who uses hexdump?

• Application Developers
• Security Researchers
• Software Debuggers
• Testers

Syntax

hexdump <options> file

Example Usage:

(1) Display hex + ascii content of the file

If a user wants to display hex and ascii content of a file, just use -C option.

hexdump -C index.html

(2) Display one-byte octal of file

If a user wants to display one-byte octal content of a file, use -b option.

hexdump -b index.html

(3) Display two-byte octal display

If a user wants to display the two-byte octal content of a file, use -b option.

hexdump -o index.html

(4) Display two-byte hex of file

hexdump -x index.html

(5) Display n bytes of output

By using -n option, it allows the display of data to particular length.

hexdump -n 12 index.html

(6) Display version number of hexdump

-V option with hexdump displays the version number of this tool.

hexdump -V

(7) To display file content in decimal format

hexdump -d index.html | head

(8) To display the complete man page of the tool

hexdump -h

Conclusion

hexdump is a very useful program to read raw data of any type of file. It helps in declutter or decode various file formats. hexdump is very helpful in analyzing firmware binaries. I recommend trying this tool to analyze different files in an easy way.