Jump to content

010 Editor: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Radix142 (talk | contribs)
mNo edit summary
Ondar111 (talk | contribs)
m bold first mention
Line 15: Line 15:
|website={{URL|www.sweetscape.com}}
|website={{URL|www.sweetscape.com}}
}}
}}
010 Editor is a commercial [[hex editor]] and [[text editor]] for [[Microsoft Windows]], [[Linux]] and [[macOS]]. Typically 010 Editor is used to edit [[text files]], [[binary files]], [[hard drives]], processes, tagged data (e.g. [[XML]], [[HTML]]), source code (e.g. [[C++]], [[PHP]], [[JavaScript]]), shell scripts (e.g. [[Bash (Unix shell)|Bash]], [[batch files]]), log files, etc. A large variety of binary data formats can be edited through the use of Binary Templates.<ref>{{cite web|url=https://www.slant.co/topics/1775/~best-hex-editors|title=5 Best hex editors as of 2020|publisher=Slant}}</ref><ref>{{cite book|first1=Victor|last1=Marak|title=Windows Malware Analysis Essentials|year=2015|publisher=Packt Publishing Ltd|isbn=9781785281518}}</ref><ref>{{cite web|url=https://digital-forensics.sans.org/blog/2010/09/29/hex-editors-for-malware-analysis|title=6 Hex Editors for Malware Analysis|publisher=SANS Digital Forensics and Incident Response Blog}}</ref><ref>{{cite book|first1=Godfrey|last1=Nolan|title=Bulletproof Android: Practical Advice for Building Secure Apps|year=2014|publisher=[[Addison-Wesley Professional]]|isbn=9780133993325}}</ref><ref>{{cite book|first1=Kevin|last1=Mandia|first2=Matthew|last2=Pepe|first3=Jason|last3=Luttgens|title=Incident Response & Computer Forensics, Third Edition|year=2014|publisher=McGraw Hill Professional|isbn=9780071798686}}</ref><ref>{{cite book|first1=Stuart|last1=McClure|first2=Joel|last2=Scambray|first3=George|last3=Kurtz|title=Hacking Exposed 7: Network Security Secrets and Solutions|year=2012|publisher=McGraw Hill Professional|isbn=9780071780285}}</ref><ref>{{cite web|url=https://www.malware-analyzer.com/hex-editors|title=Hex Editors|publisher=Malware-Analyzer|access-date=2020-01-17|archive-date=2020-08-19|archive-url=https://web.archive.org/web/20200819032511/https://www.malware-analyzer.com/hex-editors|url-status=dead}}</ref><ref>{{cite web|url=https://en.wikibooks.org/wiki/X86_Disassembly/Analysis_Tools|title=x86 Disassembly/Analysis Tools|publisher=[[wikibooks.org]]}}</ref><ref>{{cite web|url=http://www.malwarefieldguide.com/Chapter_5_STPH.html|title=Malware Forensic Field Guides: Tool Box|publisher=Syngress}}</ref><ref>{{cite book|first1=Michael|last1=Sikorski|first2=Andrew|last2=Honig|title=Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software|year=2012|publisher=[[No Starch Press]]|isbn=9781593272906}}</ref>
'''010 Editor''' is a commercial [[hex editor]] and [[text editor]] for [[Microsoft Windows]], [[Linux]] and [[macOS]]. Typically 010 Editor is used to edit [[text files]], [[binary files]], [[hard drives]], processes, tagged data (e.g. [[XML]], [[HTML]]), source code (e.g. [[C++]], [[PHP]], [[JavaScript]]), shell scripts (e.g. [[Bash (Unix shell)|Bash]], [[batch files]]), log files, etc. A large variety of binary data formats can be edited through the use of Binary Templates.<ref>{{cite web|url=https://www.slant.co/topics/1775/~best-hex-editors|title=5 Best hex editors as of 2020|publisher=Slant}}</ref><ref>{{cite book|first1=Victor|last1=Marak|title=Windows Malware Analysis Essentials|year=2015|publisher=Packt Publishing Ltd|isbn=9781785281518}}</ref><ref>{{cite web|url=https://digital-forensics.sans.org/blog/2010/09/29/hex-editors-for-malware-analysis|title=6 Hex Editors for Malware Analysis|publisher=SANS Digital Forensics and Incident Response Blog}}</ref><ref>{{cite book|first1=Godfrey|last1=Nolan|title=Bulletproof Android: Practical Advice for Building Secure Apps|year=2014|publisher=[[Addison-Wesley Professional]]|isbn=9780133993325}}</ref><ref>{{cite book|first1=Kevin|last1=Mandia|first2=Matthew|last2=Pepe|first3=Jason|last3=Luttgens|title=Incident Response & Computer Forensics, Third Edition|year=2014|publisher=McGraw Hill Professional|isbn=9780071798686}}</ref><ref>{{cite book|first1=Stuart|last1=McClure|first2=Joel|last2=Scambray|first3=George|last3=Kurtz|title=Hacking Exposed 7: Network Security Secrets and Solutions|year=2012|publisher=McGraw Hill Professional|isbn=9780071780285}}</ref><ref>{{cite web|url=https://www.malware-analyzer.com/hex-editors|title=Hex Editors|publisher=Malware-Analyzer|access-date=2020-01-17|archive-date=2020-08-19|archive-url=https://web.archive.org/web/20200819032511/https://www.malware-analyzer.com/hex-editors|url-status=dead}}</ref><ref>{{cite web|url=https://en.wikibooks.org/wiki/X86_Disassembly/Analysis_Tools|title=x86 Disassembly/Analysis Tools|publisher=[[wikibooks.org]]}}</ref><ref>{{cite web|url=http://www.malwarefieldguide.com/Chapter_5_STPH.html|title=Malware Forensic Field Guides: Tool Box|publisher=Syngress}}</ref><ref>{{cite book|first1=Michael|last1=Sikorski|first2=Andrew|last2=Honig|title=Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software|year=2012|publisher=[[No Starch Press]]|isbn=9781593272906}}</ref>


The software uses a tabbed document interface for displaying text and binary files. Full search and replace with regular expressions is supported along with comparisons, histograms, [[checksum]]/hash algorithms, and column mode editing. Different [[character encodings]] including [[ASCII]], [[Unicode]], and [[UTF-8]] are supported including conversions between encodings. The software is scriptable using a language similar to [[ANSI C]].
The software uses a tabbed document interface for displaying text and binary files. Full search and replace with regular expressions is supported along with comparisons, histograms, [[checksum]]/hash algorithms, and column mode editing. Different [[character encodings]] including [[ASCII]], [[Unicode]], and [[UTF-8]] are supported including conversions between encodings. The software is scriptable using a language similar to [[ANSI C]].

Revision as of 14:25, 14 May 2022

010 Editor
Developer(s)SweetScape Software Inc
Initial releaseSeptember 16, 2003; 21 years ago (2003-09-16)
Stable release
12.0 / September 17, 2021; 3 years ago (2021-09-17)
Written inC++
Operating systemWindows, Linux, macOS
Available inEnglish
TypeHex editor, Text editor
LicenseProprietary commercial software
Websitewww.sweetscape.com

010 Editor is a commercial hex editor and text editor for Microsoft Windows, Linux and macOS. Typically 010 Editor is used to edit text files, binary files, hard drives, processes, tagged data (e.g. XML, HTML), source code (e.g. C++, PHP, JavaScript), shell scripts (e.g. Bash, batch files), log files, etc. A large variety of binary data formats can be edited through the use of Binary Templates.[1][2][3][4][5][6][7][8][9][10]

The software uses a tabbed document interface for displaying text and binary files. Full search and replace with regular expressions is supported along with comparisons, histograms, checksum/hash algorithms, and column mode editing. Different character encodings including ASCII, Unicode, and UTF-8 are supported including conversions between encodings. The software is scriptable using a language similar to ANSI C.

Originally created in 2003 by Graeme Sweet, 010 Editor was designed to fix problems in large multibeam bathymetry datasets used in ocean visualization. The software was designed around the idea of Binary Templates. A text editor was added in 2008.

010 Editor is available as Trialware and can be run for free for 30 days. After 30 days a license must be purchased to continue using the software.

Binary Templates

A Binary Template is a text file containing a series of structs similar to ANSI C. The main difference between ANSI C is that structs in Binary Templates may contain control statements such as if, for or while. When 010 Editor executes a Binary Template on a binary data file, each variable defined in the Binary Template is mapped to a set of bytes in the binary file and added to a hierarchical tree structure. The tree structure can then be used to view and edit data in the binary file in an easier fashion than using the raw hex bytes. Binary Templates typically have a '.bt' extension.

010 Editor has an online repository of Binary Templates containing over 80 formats. When a binary file is opened in 010 Editor and a Binary Template exists for the file, the software can automatically download and install the Template. Templates can also be added to the repository or updated directly from the software.

Technology

Data files in 010 Editor are stored as a series of blocks, where each block can either point to a block of data somewhere on disk or in memory. When a large section of data from a binary file is copied to another binary file, a new block pointer is inserted into the file but the actual data is not copied. This scheme allows partial loading of files from disk and is also used to provide unlimited undo and redo. Currently when large text blocks are opened or copied the data is scanned for linefeeds, meaning there may be a delay before editing can resume. 010 Editor uses the Qt library to provide multi-platform support.

Features

  • Edit text files, hex files, processes, physical and logical drives
  • Multiple files shown as draggable tabs which can be organized in tab groups
  • Large file support (50 GB+ for text files, 8 Exabytes for hex files)
  • Find and Replace with various data types and regular expressions
  • Find and Replace across multiples files
  • Unlimited undo and redo
  • Column Mode Editing
  • Supports 30 different character encodings (e.g. ASCII, ANSI, Unicode, UTF-8) plus custom encodings and conversions
  • ASCII, Unix, Mac and Unicode linefeed support including visualizing whitespace
  • Comparisons and histograms
  • Inspector for interpreting bytes as different data types
  • Scriptable using a language similar to ANSI C
  • Scripts can be shared online and downloaded using an integrated online repository
  • Syntax highlighters can be created, shared and downloaded through the online repository
  • Bookmarks can be created using different data types
  • Edit NTFS, FAT, exFAT, and HFS drives using templates
  • Checksum/Hash algorithms including CRC-16, CRC-32, Adler32, MD2, MD4, MD5, RIPEMD160, SHA-1, SHA-256, SHA-512, TIGER
  • Import or export hex data in Intel Hex Format, Motorola S-Records, Hex Text, C/C++/Java Code, Base64, Uuencoding, RTF, or HTML
  • Arithmetic and bitwise operations on hex data
  • Printing with header, footer and margin control
  • Integrated debugger for finding problems with Binary Templates and scripts
  • Portable version for running from USB drives
  • Dark and light themes

See also

References

  1. ^ "5 Best hex editors as of 2020". Slant.
  2. ^ Marak, Victor (2015). Windows Malware Analysis Essentials. Packt Publishing Ltd. ISBN 9781785281518.
  3. ^ "6 Hex Editors for Malware Analysis". SANS Digital Forensics and Incident Response Blog.
  4. ^ Nolan, Godfrey (2014). Bulletproof Android: Practical Advice for Building Secure Apps. Addison-Wesley Professional. ISBN 9780133993325.
  5. ^ Mandia, Kevin; Pepe, Matthew; Luttgens, Jason (2014). Incident Response & Computer Forensics, Third Edition. McGraw Hill Professional. ISBN 9780071798686.
  6. ^ McClure, Stuart; Scambray, Joel; Kurtz, George (2012). Hacking Exposed 7: Network Security Secrets and Solutions. McGraw Hill Professional. ISBN 9780071780285.
  7. ^ "Hex Editors". Malware-Analyzer. Archived from the original on 2020-08-19. Retrieved 2020-01-17.
  8. ^ "x86 Disassembly/Analysis Tools". wikibooks.org.
  9. ^ "Malware Forensic Field Guides: Tool Box". Syngress.
  10. ^ Sikorski, Michael; Honig, Andrew (2012). Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software. No Starch Press. ISBN 9781593272906.