Linux binaries

Strace

In the simplest case strace runs the specified command until it exits. It intercepts and records the system calls made by a process and the signals that process receives.

Strace a running process

strace -p [pid]

Strace a program

strace ./program [arguments]

Strace a program, its child processes and threads

strace -f ./program [arguments]
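An added example, not part of the original page: a small parser that turns a saved trace into a per-process summary of opened files, failed calls, outbound connections and signals. It assumes the trace was written with strace -f -o trace.log ./program, where every line starts with the PID; the sample trace, paths and address are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `strace -f -o trace.log ./program` output (not a real capture).
# With -f and -o, every line starts with the PID of the process that made the call.
SAMPLE_TRACE = """\
1201 execve("./program", ["./program"], 0x7ffc0a1b2c30 /* 24 vars */) = 0
1201 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
1201 openat(AT_FDCWD, "/home/user/.app.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
1201 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f1c2a3b4a10) = 1202
1202 openat(AT_FDCWD, "/tmp/out.dat", O_WRONLY|O_CREAT|O_TRUNC, 0644) = 4
1202 connect(5, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
1201 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1202, si_uid=1000, si_status=0, si_utime=0, si_stime=0} ---
1202 +++ exited with 0 +++
"""

# Groups: pid, syscall name, argument text, return value, optional errno name
CALL = re.compile(r'^(\d+)\s+(\w+)\((.*)\)\s+=\s+(-?\d+|\?)(?:\s+([A-Z0-9]+))?')
SIGNAL = re.compile(r'^(\d+)\s+---\s+(SIG\w+)')
PATH = re.compile(r'"([^"]*)"')
ADDR = re.compile(r'htons\((\d+)\).*?inet_addr\("([^"]+)"\)')

def summarize(trace):
    """Group opened paths, failed calls, IPv4 connects and signals by PID."""
    report = defaultdict(lambda: {"opened": [], "failed": [], "connects": [], "signals": []})
    for line in trace.splitlines():
        sig = SIGNAL.match(line)
        if sig:
            report[sig.group(1)]["signals"].append(sig.group(2))
            continue
        call = CALL.match(line)
        if not call:
            continue  # exit markers and unfinished/resumed fragments are skipped
        pid, name, args, ret, errno = call.groups()
        if ret.startswith("-"):
            report[pid]["failed"].append((name, errno))
        elif name in ("open", "openat") and PATH.search(args):
            report[pid]["opened"].append(PATH.search(args).group(1))
        elif name == "connect" and ADDR.search(args):
            port, ip = ADDR.search(args).groups()
            report[pid]["connects"].append(f"{ip}:{port}")
    return dict(report)

if __name__ == "__main__":
    for pid, info in summarize(SAMPLE_TRACE).items():
        print(pid, info)
```

The failed list is often the quickest lead: a missing config file or library path shows up as ENOENT before the program prints anything.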

Ltrace

ltrace is a program that simply runs the specified command until it exits. It intercepts and records the dynamic library calls which are called by the executed process and the signals which are received by that process.

ltrace ./program

Strings

Classic, but OP. You can run strings on a binary to print the sequences of printable characters it contains (at least 4 characters long by default):

strings ./program

Ghidra

Time to read some code.

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
