Quick and Useful Tricks for Analyzing Binaries for Pen Testers - Part 2 | SANS Pentesting Blog

Again, basic techniques and knowdlege that everyone should have.

This blog post is the second in a series of three blog posts dedicated to quick and useful techniques for analyzing binaries. In my first post, I talked about how penetration testers and other analysts can find and isolate network traffic generated by a binary. This time we'll look at pillaging the various data files that binaries and applications leave lying around. Our focus will again be on the Windows side of things, as that's where we often find the juiciest applications to analyze, including client-side software and internal tools.