[hanan]

Hi,

I am looking for a software that can mine a file from another binary file (or just blob), something like NetworkMiner but for regular files.

Do you know if such software exist? i am assume that someone have created it already but i can't find it through googleing.

I have found binwalk http://code.google.com/p/binwalk/,
but bitwalk seems to be for linux, i would like to get something for windows (that can search for .sys .exe and so on).

Thanks.

[nullptr]

Wouldn't any hex editor with a search function do what you want?

[hanan]

Wouldn't any hex editor with a search function do what you want?

you are right, but why do it by hand if there is an automated Tool ? a tool can do that automatically for a large amount of files and file signatures.

[Buster_BSA]

Take a look at Signsrch by Luigi Auriemma and let me know if that´s what you are looking for:

http://aluigi.altervista.org/mytoolz.htm

http://aluigi.altervista.org/mytoolz/signsrch.zip

[nex]

I guess it depends from what kind of data you want to extract and from what type of format.
Being so generic, I'd suggest you to give a look at FileInsight. It's a pretty good tool.

[frank_boldewin]

Scalpel version 2.0

http://www.digitalforensicssolutions.com/Scalpel/

[fasmotol]

Why can't you just write a little python script fe? I think it took longer for you to wait for a respond.