HEX-editor is a program that candisplay information as the computer "sees" it, but converting binary numbers to hexadecimal numbers. Opening any file in such an application, the user will see a matrix consisting of columns and rows, the number of which depends on the size of the file in question. Therefore, if you change the byte values in the editor, the contents of the open document will also change.
Any data is stored in the PC in the form of machine data.words, otherwise - bytes. Each includes 8 bits (binary digits, which take the value of either "0" or "1"). By mathematical calculations, it can be understood that a number in the range from 0 to 255 can be written in one byte. If you translate 255 into hexadecimal numbering system, it is converted to FF. That is, it is very convenient to use a hexadecimal view for displaying any machine word. Hence the name of the group of programs - hex editor.
In addition to the matrix described above, there may be other means in the interface of the presented group of applications:
This HEX editor is completely free.It works only in Windows operating systems. The product has all the gentleman's kit, such as viewing and editing a file. At the same time, the program has a pleasant and convenient interface.
But standard functions are the minimum forwhich FileInsight can be used. What is the maximum? We must start with the possibility of parsing the structures of executable files. Isn't that enough? Any selected fragment can be disassembled on the fly. One click - and incomprehensible numbers become readable listing.
Among other things, this HEX-editor providesMany code processing algorithms to bypass the developers of built-in protection. First of all, you need to pay attention to the decoding of obfuscation methods, such as add, xor, Base64, shift. The scripts with which the application is delivered break down such cryptographic protection with ease. Most of the actions can be automated by writing simple scripts in JS or Python. Sometimes it is not necessary to create anything new, because the base of these is impressive.
Although FileInsight is considered one of the best tools for reverse engineering, there is a huge drawback in the program - the inability to process files that exceed 400 MB.
This HEX editor is distributed in two versions:free and advanced. A freeware-licensed product is quality but unremarkable. Of the features, you can highlight the broad interface settings and color schemes. The professional version provides more useful features that are particularly relevant during the analysis of binary files.
For example, the user is providedDecoding capabilities of programs encrypted by common algorithms. In addition, there are functions that allow editing local resources (RAM, NTFS streams, hard disks). Process automation is implemented using VBS and JS scripts.
However, the most important feature of the programis a disassembler that can work with x64, x86 and .NET files. Another feature not provided by competitors is to create a patch based on a comparison of two executable binaries. Certainly impressive, but when compared to FileInsight, Neo still loses. However, NEO can work with large files.
The Hiew HEX editor does not have a free version.Developed by a team from Russia. The product begins its history from the time of 16-bit applications for DOS and Windows 3.1. Hiew is often used by professionals involved in computer and information security. The reasons are clear: the whole range of possibilities for editing and viewing executable Windows binary files, as well as Linux compiled programs (ELF).
Another remarkable feature that helps inreverse engineering, - disassembler and assembler built into Hiew. And they work, both with x86, and with x86_64-applications, instructions of processors of architecture of ARM are supported also. The editor copes with large files without any difficulties, allows low-level data modification on physical HDDs.
A large number of actions may beautomated. To do this, programmers have built the ability to create scripts, keyboard macros and API functions that are used to call internal procedures from external applications. But the unconditional victory in the field of hex editors Hiew still did not get. Its interface is fully implemented in DOS style, and the windows are drawn by the command line (or the console, if we talk about Linux systems).
