6 files changed, 124 insertions, 0 deletions
diff --git a/src/binary/README.md b/src/binary/README.md
new file mode 100644
index 0000000..b75e0e2
--- /dev/null
+++ b/src/binary/README.md
@@ -0,0 +1 @@
+# Binary
diff --git a/src/binary/nm.md b/src/binary/nm.md
new file mode 100644
index 0000000..6e6fd1a
--- /dev/null
+++ b/src/binary/nm.md
@@ -0,0 +1,7 @@
+# nm(1)
+
+```markdown
+  nm [opts] <elf>
+    -C          demangle
+    -u          undefined only
+```
diff --git a/src/binary/objdump.md b/src/binary/objdump.md
new file mode 100644
index 0000000..636db3f
--- /dev/null
+++ b/src/binary/objdump.md
@@ -0,0 +1,18 @@
+# objdump(1)
+
+```markdown
+  objdump [opts] <elf>
+    -M intel                use intil syntax
+    -d                      disassemble text section
+    -D                      disassemble all sections
+    -S                      mix disassembly with source code
+    -C                      demangle
+    -j <section>            display info for section
+    --[no-]show-raw-insn    [dont] show object code next to disassembly
+```
+
+## Disassemble section
+For example `.plt` section:
+```markdown
+  objdump -j .plt -d <elf>
+```
diff --git a/src/binary/od.md b/src/binary/od.md
new file mode 100644
index 0000000..47f567a
--- /dev/null
+++ b/src/binary/od.md
@@ -0,0 +1,49 @@
+# od(1)
+
+```markdown
+  od [opts] <file>
+    -An         don't print addr info
+    -tx4        print hex in 4 byte chunks
+    -ta         print as named character
+    -tc         printable chars or backslash escape
+    -w4         print 4 bytes per line
+    -j <n>      skip <n> bytes from <file> (hex if start with 0x)
+    -N <n>      dump <n> bytes (hex of start with 0x)
+```
+
+## ASCII to hex string
+```markdown
+  echo -n AAAABBBB | od -An -w4 -tx4
+    >> 41414141
+    >> 42424242
+
+  echo -n '\x7fELF\n' | od -tx1 -ta -tc
+    >> 0000000  7f  45  4c  46  0a      # tx1
+    >>         del   E   L   F  nl      # ta
+    >>         177   E   L   F  \n      # tc
+```
+
+## Extract parts of file
+For example `.rodata` section from an elf file. We can use `readelf` to get the
+offset into the file where the `.rodata` section starts.
+```markdown
+  readelf -W -S foo
+    >> Section Headers:
+    >> [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
+    >> ...
+    >> [15] .rodata           PROGBITS        00000000004009c0 0009c0 000030 00   A  0   0 16
+```
+
+With the offset of `-j 0x0009c0` we can dump `-N 0x30` bytes from the beginning of
+the `.rodata` section as follows:
+```markdown
+  od -j 0x0009c0 -N 0x30 -tx4 -w4 foo
+    >> 0004700 00020001
+    >> 0004704 00000000
+    >> *
+    >> 0004740 00000001
+    >> 0004744 00000002
+    >> 0004750 00000003
+    >> 0004754 00000004
+```
+**Note**: Numbers starting with `0x` will be interpreted as hex by `od`.
diff --git a/src/binary/readelf.md b/src/binary/readelf.md
new file mode 100644
index 0000000..d359a84
--- /dev/null
+++ b/src/binary/readelf.md
@@ -0,0 +1,13 @@
+# readelf(1)
+
+```markdown
+  readelf [opts] <elf>
+    -W|--wide     wide output, dont break output at 80 chars
+    -h            print ELF header
+    -S            print section headers
+    -l            print program headers + segment mapping
+    -d            print .dynamic section (dynamic link information)
+    --syms        print symbol tables (.symtab .dynsym)
+    --dyn-syms    print dynamic symbol table (exported symbols for dynamic linker)
+    -r            print relocation sections (.rel.*, .rela.*)
+```
diff --git a/src/binary/xxd.md b/src/binary/xxd.md
new file mode 100644
index 0000000..cd76f14
--- /dev/null
+++ b/src/binary/xxd.md
@@ -0,0 +1,36 @@
+# xxd(1)
+
+```markdown
+  xxd [opts]
+    -p          dump continuous hexdump
+    -r          convert hexdump into binary ('revert')
+    -e          dump as little endian mode
+    -i          output as C array
+```
+
+## ASCII to hex stream
+```markdown
+  echo -n 'aabb' | xxd -p
+    >> 61616262
+```
+
+## Hex to binary stream
+```markdown
+  echo -n '61616262' | xxd -p -r
+    >> aabb
+```
+
+## ASCII to binary
+```markdown
+  echo -n '\x7fELF' | xxd -p | xxd -p -r | file -p -
+    >> ELF
+```
+
+## ASCII to `C` array (hex encoded)
+```markdown
+  xxd -i <(echo -n '\x7fELF')
+    >> unsigned char _proc_self_fd_11[] = {
+    >>   0x7f, 0x45, 0x4c, 0x46
+    >> };
+    >> unsigned int _proc_self_fd_11_len = 4;
+```