Awesome Static Linux Malware Analysis 
When initially analyzing suspected malware, a recommended first step is to scan the sample using multiple antivirus engines, as it may have already been identified and classified. Services such as VirusTotal are particularly useful for this purpose, as they aggregate results from numerous security vendors in a single platform.
md5sum "/path/to/your/file.elf"
sha256sum "/path/to/your/file.elf"
sha1sum "/path/to/your/file.elf"String extraction is a critical step in static malware analysis because it allows you to quickly gain insight into a binary without executing it.
- with
binutils/strings:strings -n 4 /path/to/your/file.elf
- -n Locate & print any sequence of at least
- --bytes= displayable characters. (
The default is 4).
- with
r2/rabin2:rabin2 -zz /path/to/your/file.elf
- rabin2 -z file.bin : List strings from data sections
- rabin2 -zz file.bin : List all detected strings
- rabin2 -zzq file.bin : Show only string text
- rabin2 -zr file.bin : Generate radare2 commands for string flags
You can access the my other awesome lists here
Contributions of any kind welcome, just follow the guidelines!
