Static analysis: Look for suspicious strings. Find the text `flag.txt`. Find nearby code that looks like you might want to jump to it.

Dynamic analysis: Try stuff. Discover that the binary jumps to the address given by the first argument, interpreted in hexadecimal.

Step 3: ???

```
$ nc rev.chal.csaw.io 1001
Give me two args, space separated:
400cbb whatever
flag{you_got_the_call_site}
Wrong!
```

Profit!