{"id":13638687,"url":"https://github.com/glmcdona/strings2","last_synced_at":"2025-04-19T18:30:57.592Z","repository":{"id":5977225,"uuid":"7199192","full_name":"glmcdona/strings2","owner":"glmcdona","description":"strings2: An improved strings extraction tool.","archived":false,"fork":false,"pushed_at":"2022-05-30T05:15:41.000Z","size":15258,"stargazers_count":294,"open_issues_count":4,"forks_count":64,"subscribers_count":12,"default_branch":"master","last_synced_at":"2024-11-09T08:40:11.795Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://split-code.com/strings2.html","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"YouXianMing/Animations","license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/glmcdona.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-12-17T04:12:30.000Z","updated_at":"2024-10-21T02:05:35.000Z","dependencies_parsed_at":"2022-08-29T20:20:52.919Z","dependency_job_id":null,"html_url":"https://github.com/glmcdona/strings2","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/glmcdona%2Fstrings2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/glmcdona%2Fstrings2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/glmcdona%2Fstrings2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/glmcdona%2Fstrings2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/glmcdona","download_url":"https://codeload.github.com/glmcdona/strings2/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249764732,"owners_count":21322290,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T01:00:51.706Z","updated_at":"2025-04-19T18:30:55.249Z","avatar_url":"https://github.com/glmcdona.png","language":"C++","readme":"# strings2 - Extract strings from binary files and process memory\nStrings2 is a Windows command-line tool for extracting strings from binary data. On top of the classic Sysinternals strings approach, this tool includes:\n* Multi-lingual string extraction, such as Russian, Chinese, etc.\n* Machine learning model filters out junk erroneous string extractions to reduce noise.\n* String extractions from process memory.\n* Recursive and wildcard filename matching.\n* Json output option for automation integration. (Also see python module version [binary2strings](https://github.com/glmcdona/binary2strings))\n\nI also recommend looking at [FLOSS](https://github.com/mandiant/flare-floss) from Mandiant a cross-platform string extraction solver with a different set of features.\n\n## Installation\nDownload the [latest release binary](https://github.com/glmcdona/strings2/releases).\n\n## Example Usage\n\nDump all strings from `malware.exe` to stdout:\n\n* ```strings2 malware.exe```\n\nDump all strings from all `.exe` files in the `files` folder to the file `strings.txt`:\n* ```strings2 ./files/*.exe \u003e strings.txt```\n\nDump strings from a specific process id, including logging the module name and memory addresses of each match:\n* ```strings2 -f -s -pid 0x1a3 \u003e process_strings.txt```\n\nExtract strings from `malware.exe` to a json file:\n* ```strings2 malware.exe -json \u003e strings.json```\n\n## Documentation\n\n```strings.exe (options) file_pattern```\n\n* `file_pattern` can be a folder or file. Wildcards (`*`) are supported in the filename parts - eg `.\\files\\*.exe`.\n\n|Option|Description|\n|--|--|\n|-r|Recursively process subdirectories.|\n|-f|Prints the filename/processname for each string.|\n|-F|Prints the full path and filename for each string.|\n|-s|Prints the file offset or memory address span of each string.|\n|-t|Prints the string type for each string. UTF8, or WIDE_STRING.|\n|-wide|Prints only WIDE_STRING strings that are encoded as two bytes per character.|\n|-utf|Prints only UTF8 encoded strings.|\n|-a|Prints both interesting and not interesting strings. Default only prints interesting non-junk strings.|\n|-ni|Prints only not interesting strings. Default only prints interesting non-junk strings.|\n|-e|Escape new line characters.|\n|-l [num_chars]|Minimum number of characters that is a valid string. Default is 4.|\n|-b [start]\\(:[end]\\)|Scan only the specified byte range for strings. Optionally specify an end offset as well.|\n|-pid [pid]|The strings from the process address space for the specified PID will be dumped. Use a '0x' prefix to specify a hex PID.|\n|-system|Dumps strings from all accessible processes on the system. This takes awhile.|\n|-json|Writes output as json. Many flags are ignored in this mode.|\n\n\n## Version History\n\nVersion 2.0 (May 29, 2022)\n  - Complete overhaul of the tool.\n  -\tUpgrade string extraction engine from [binary2strings](https://github.com/glmcdona/binary2strings).\n  - Add support for multilingual strings.\n  - Added ML model to filter junk erroneous string extractions.\n  - Add option to dump only a specified offset range.\n  - Add json output option.\n  - Add memory address and module name logging.\n  - Fixes to 64bit process string dumping.\n\nVersion 1.2 (Apr 21, 2013)\n  -   Added \"-a\" and \"-u\" flags to extract only ascii or unicode strings.\n  -   Fixed a bug when processing certain filenames.\n\nVersion 1.1 (Nov 22, 2012)\n  -   Added \"-r\" recursive flag option.\n  -   Added \"-pid\" and \"-system\" flag options to specify process input sources.\n  -   Piped input data is now supported.\n  -   Various fixes.\n\nVersion 1.0 (Sept 20, 2012)\n  -   Initial release.","funding_links":[],"categories":["C++"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglmcdona%2Fstrings2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fglmcdona%2Fstrings2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglmcdona%2Fstrings2/lists"}