Binary grep with support for sophisticated regexes and grep(1)-like usage.
bgrep
's command-line options mirror those of grep(1)
very closely. The main difference is that bgrep
operates on hex strings instead of text strings.
Examples:
bgrep -r 'ffd9' /home/user/pictures
- find all files with a JPEG header in thembgrep '00??00' binary
- find one-byte strings in a binarybgrep -C 16 -t hex '09f91102' dvdcss
- find instances of a certain encryption key in a programbgrep -F 'PK' file.zip
- find zip entry headers in a zip filebgrep -E '\0[\x20-\x7e]{1,8}\0' unknown.exe
- find printable strings between 1 and 8 chars long in a program (using Python regex syntax)bgrep -W -w 4 '0000f4ce' input.bin
- find the word0x0000f4ce
in little-endian order (ce f4 00 00)
bgrep
defaults to displaying binary content in a hexdump format, and even supports colour by default on supported terminals, just like grep
.
As a prerequisite, you will need Python 3, at least 3.2 (higher preferred). After installing that, a simple
wget 'https://raw.githubusercontent.com/nneonneo/bgrep/master/bgrep.py' -O /usr/local/bin/bgrep
will do the trick.