# FLOSS
# Automatically extract obfuscated strings from malware using static analysis, stack strings, and emulation
# FOR610 Labs: 5.2, 5.3 | Sections: 5
# Docs: https://docs.remnux.org/discover-the-tools/examine+static+properties/deobfuscation

% strings, deobfuscation, automated

# Basic usage
floss specimen.exe

# Save output to file
floss specimen.exe > strings-output.txt

# Skip static analysis, focus on dynamic
floss --no-static -- specimen.exe


# --- Recipes (multi-tool chains) ---

# >> Extract Stack-Built Strings
# Automatic stack string recovery
strdeob.pl <sample>
# FLOSS automatic deobfuscation (static + stack + decoded)
floss <sample>
# FLOSS skip static strings, only show decoded
floss --no-static -- <sample>