FLARE Obfuscated String Solver (FLOSS) is a malware analysis utility that automatically extracts and deobfuscates strings from executable binaries.
It complements basic strings tools by recovering data that malware commonly builds, decodes, or stores in formats that don’t appear as plaintext, helping analysts surface configuration data, domains, file paths, and other indicators during static analysis.
This is free and open source software.
Key Features
- Extracts regular ASCII and UTF-16LE static strings from binaries.
- Recovers stack strings, tight strings, and decoded strings.
- Supports language-specific string extraction from Go and Rust programs.
- Works as a command line utility for analysing suspicious executables.
- Offers options to focus on selected string types or omit static strings.
- Includes helper scripts for loading output into Binary Ninja and IDA Pro.
- Cross-platform support – runs under Linux, macOS, and Windows.
Website: github.com/mandiant/flare-floss
Support:
Developer: Mandiant
License: Apache License 2.0
FLOSS is written in Python. Learn Python with our recommended free books and free tutorials.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |