xxd
Hex dump and reverse hex dump utility. Can convert binaries to hex and reconstruct binaries from hex — useful for payload staging and encoding.
Binary Paths
/usr/bin/xxd/bin/xxd
Glob Patterns
| Pattern | Notes |
|---|---|
x?d
|
Single wildcard replaces 'x' |
xx[d]
|
Character class on last char |
x*d
|
Star matches 'x' |
/usr/bin/x?d
|
Full path, wildcard on middle char |
/???/bin/x?d
|
Obfuscate /usr/ and the middle 'x' |
$(ls /usr/bin/x?d)
|
ls resolves glob to /usr/bin/xxd; command substitution executes it |
$'\x78\x78\x64'
|
ANSI-C hex escapes expand to 'xxd' |
Pattern Tester
$
Try typing xxd or a full path like /usr/bin/xxd
YARA Rule
Auto-generated detection rule for xxd
Platform Notes
xxd can encode a binary to hex (xxd -p file) and reconstruct it (xxd -r -p hexstring > file). Useful for transferring binaries as hex strings over text channels. Combined with echo: echo '7f454c46...' | xxd -r -p > /tmp/elf && chmod +x /tmp/elf.