Knowing what we are dealing with prepares us further. For example, if a file were identified as a Windows executable, we then prepare Windows executable tools. Information gathering tools helps us identify what the file type is and its properties. The information gathered becomes a part of the analysis profile. These tools are categorized as file type identifying, hash calculating, text string gathering, and monitoring tools.
Information gathering tools
File type information
These tools gather primary information about a file. The data gathered includes the filename, file size, file type, and file type-specific properties. The result of these tools enables the analyst to plan how to analyze the file:
- PEiD: A tool used...