Didier Stevens

Sunday 23 August 2020

New Tool: XORSearch.py

Filed under: Announcement,My Software — Didier Stevens @ 19:42

XORSearch, written in C, is a tool of mine I started 10+ years ago. But more and more security tools don’t like it.

So I decided to stop adding new features to XORSeach in C, and start programming a Python version to implement new features. This is a work in progress.

For the moment, the Python version only supports XOR-encoding with a one-byte key, and can only search for printable content.

Take a look at my SANS ISC diary entry to see how I use it.

I will still maintain the C version: perform bug fixes and add new features that require the speed of compiled C.

But features like detecting printable content will normally be used on small files, and then speed is not an issue.

Blog at WordPress.com.