This new version of re-search.py comes with a new option: -e. This option instructs re-search to read its input as a binary file and extract strings from it, to be matched with the chosen regular expression. This allows, for example, the processing of UNICODE strings.
re-search_V0_0_11.zip (https)
MD5: 72F160A83E214351162704EB4B94EB9E
SHA256: 624E2864738008F6A63CC4E3F7B5FCB3738389DBC7E6EF29BC8C2F749ABAD9DE
[…] Tools: zipdump.py and re-search.py. […]
Pingback by Analyzing XPS Files – Didier Stevens Videos — Sunday 1 July 2018 @ 13:33
[…] Update: re-search.py Version 0.0.11 […]
Pingback by Week 27 – 2018 – This Week In 4n6 — Sunday 8 July 2018 @ 12:54
[…] re-search.py, I extract all strings from the script (e.g. strings delimited by double […]
Pingback by Extracting DotNetToJScript’s PE Files | Didier Stevens — Wednesday 25 July 2018 @ 0:00
[…] Update: re-search.py Version 0.0.11 […]
Pingback by Overview of Content Published in July | Didier Stevens — Thursday 2 August 2018 @ 0:00