We may be familiar with various hex editors and binary analyzers such as OllyDbg, IDA pro etc. There are some situations where we wont be able to use the binary or Hex editors which is installed in our machine.
Here are some java script/web based Hex/Binary analyzers which we can use on the go. We can use these web apps even from our mobile devices and inspect binary files.
I know! Its cool, right?
Hexed.it with calc.exe
As you can see, we have a data inspector here and a search utility. Just right click on the window and start editing the hex file. In the tool menu there is an PE identifier utility based on TrID.
Binvis is a nice tool which allows us to visually analyze and dissect PE files. Binvis uses two different visualization curves, lets say cluster curves(Hilbert curves) and scan curves.
Binvis with calc.exe
We can save these PE visualizations as image files (png) if we wants to. For suspicious binary files, its possible to lookup using 2 popular malware signature repositories (Virustotal/Metascan) and google search engine.
Tried to look up for ‘calc.exe’ using Virustotal. VT shows very clearly that its a trusted PE from Microsoft. 🙂
If we are looking up that executable with Google, binvis will send a search request to Google using the executable’s MD5 and SHA signatures. Have a look at the below screenshot.
There are also some other websites which offers online Hex/binary editors. For example: http://icebuddha.com/ But as a user i was more comfortable with Hexedit.
On a final note, these online tools can be only used for an initial review of executable/binary files. For a detailed analysis always use pro tools such as IDA pro/Ollydbg or any other Hex/binary editors.