Glossary

Stripped Binary

An executable from which the symbol table and debug information have been removed, making reverse engineering significantly harder.

A stripped binary is one that has had its symbol table and debug sections removed — typically via the strip command on Linux or by disabling PDB generation on Windows. Without symbols, a disassembler cannot label functions by name, and a decompiler produces generic names like sub_140001000. Most commercial and malicious software ships stripped. Analysts compensate by using heuristics, YARA rules, function-signature databases (e.g., FLIRT/RTTI), and behavioral dynamic analysis to identify library code and reconstruct meaningful names.
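
A check for the sections this definition refers to, as an added example that is not part of the original glossary: the Python below reads a little-endian ELF64 section header table and reports whether `.symtab` and `.debug_*` sections are present. The function names and the `build_elf` sample images are constructed for illustration; matching on section names (rather than section types) is an assumption of this sketch.

```python
import struct

def section_names(data: bytes) -> list:
    """Return the section names of a little-endian ELF64 image."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    (shoff,) = struct.unpack_from("<Q", data, 0x28)              # e_shoff
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", data, 0x3A)
    if shoff == 0 or shnum == 0:
        return []                          # section header table itself removed
    # sh_offset (+0x18) of the section-name string table (.shstrtab)
    (stroff,) = struct.unpack_from("<Q", data, shoff + shstrndx * shentsize + 0x18)
    names = []
    for i in range(shnum):
        (name_off,) = struct.unpack_from("<I", data, shoff + i * shentsize)  # sh_name
        start = stroff + name_off
        names.append(data[start:data.index(b"\0", start)].decode())
    return names

def symbol_report(data: bytes) -> dict:
    names = section_names(data)
    return {
        "symtab": ".symtab" in names,      # static symbol table, removed by strip
        "debug": any(n.startswith(".debug_") for n in names),   # DWARF debug info
        "dynsym": ".dynsym" in names,      # needed by the dynamic linker, so kept
    }

def is_stripped(data: bytes) -> bool:
    report = symbol_report(data)
    return not (report["symtab"] or report["debug"])

def build_elf(names: list) -> bytes:
    """Constructed sample: header-only ELF64 image with the given sections."""
    strtab, offs = b"\0", []
    for n in names + [".shstrtab"]:
        offs.append(len(strtab))
        strtab += n.encode() + b"\0"
    shnum = len(offs) + 1                  # plus the null section at index 0
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 0, 64 + len(strtab), 0, 64, 0, 0, 64, shnum, shnum - 1)
    shdrs = bytes(64) + b"".join(
        struct.pack("<IIQQQQIIQQ", o, 1, 0, 0, 64, len(strtab), 0, 0, 1, 0) for o in offs)
    return ehdr + strtab + shdrs

if __name__ == "__main__":
    for label, secs in [("unstripped", [".text", ".dynsym", ".symtab", ".debug_info"]),
                        ("stripped", [".text", ".dynsym"])]:
        print(label, symbol_report(build_elf(secs)))
```

An image with no section header table at all is also reported as stripped, and a surviving `.dynsym` still gives an analyst the names of imported and exported functions.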