Fhex is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations (e.g. too many dependencies, missing hex coloring features, etc.).
This project is based on qhexedit2, capstone and keystone engines. New features could be added in the future, PRs are welcomed.
CTRL + F
]CTRL + B
]CTRL + C
and CTRL + V
]CTRL + Space
]Delete
or CTRL + D
]CTRL + Z
and CTRL + Y
]CTRL + S
]CTRL + G
]INS
]CTRL + N
]CTRL + T
]F5
]F1
]F2
]F3
]F4
]F4
]CTRL + Up/Down
or CTRL + -/+
)Fhex can load at startup a configuration file (from ~/fhex/config.json
) in JSON format with a list of strings or bytes to highlight and a comment/label to add close to the matches.
Examples:
{
“PatternMatching”:
[
{
“string” : “://www.”,
“color” : “rgba(250,200,200,50)”,
“message” : “Found url”
},
{
“bytes” : “414243”,
“color” : “rgba(250,200,200,50)”,
“message” : “Found ABC”
}
]
}
To activate pattern matching press CTRL + P
At the end, Fhex will show also an offset list with all the result references. Note: Labels with comments are added only if the window is maximized, if labels are not displayed correctly please try to run pattern matching again.
Fhex has the feature to chart the loaded binary file (Note: In order to compile the project, now you need also qt5-charts
installed on the system). The y-axis range is between 0 and 255 (in hex 0x0 and 0xff, i.e. the byte values). The x-axis range is between 0 and the filesize.
The chart plots the byte values of the binary file and let you focus only on the relevant sections. For example, if in a binary file there is an area full of null bytes, you can easily detect it from the chart.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…