Page 1 of 1

Using AI assistants alongside HxD for binary analysis: what's actually working?

Posted: 16 May 2026 17:51
by MarkusK33
Hi all,

Long-time HxD user here, the usual mix of malware sample peeking, undocumented file format reverse engineering, and the occasional disk recovery side quest. Over the last six months I've been trying to fold various AI assistants into that workflow and figured I'd ask what other people are doing.

A few observations from my experiments with ChatGPT, Claude, Gemini and Copilot Chat:

- Short hex snippets pasted inline: handled fine, models can usually spot common headers (PE/MZ, ELF, ZIP local headers, PDF signatures).
- Anything past a few KB: context window collapses, output becomes guesswork dressed up as confidence.
- Pattern recognition on ASCII strings inside binaries: surprisingly useful, especially for guessing obfuscation schemes.
- File format guessing from magic bytes plus the first 256 bytes of structure: mixed results. Works on common formats, useless on niche proprietary ones.
- Asking the model to write a 010 template or Kaitai struct from a hex dump: occasionally usable as a starting point.

What hurts the most for serious work isn't accuracy, it's persistence. Every session you have to re-explain the project, the file structure you've already mapped, the constraints. I've been reading a comparison site for conversational KI tools recently that benchmarks several of them on long-context retention and memory across sessions. The differences are bigger than I expected, and that's the actual bottleneck for analysis work in my experience.

Curious if anyone here has settled on a specific model for hex / RE work, and whether you script around it (custom system prompts, retrieval-augmented setups, anything) or just live with the context window limits. Also interested in war stories where the AI confidently led you down a completely wrong rabbit hole.

Markus