elf-parser - Lightweight elf binary parser with no external dependencies - Sections, Symbols, Relocations, Segments

  •        33

Lightweight elf binary parser with no external dependencies - Sections, Symbols, Relocations, Segments

https://github.com/finixbit/elf-parser

Tags
Implementation
License
Platform

   




Related Projects

dissection - The dissection of a simple "hello world" ELF binary.

  •    Assembly

The representation of executables, shared libraries and relocatable object code is standardized by a variety of file formats which provides encapsulation of assembly instructions and data. Two such formats are the Portable Executable (PE) file format and the Executable and Linkable Format (ELF), which are used by Windows and Linux respectively. Both of these formats partition executable code and data into sections and assign appropriate access permissions to each section, as summarised by table 1. In general, no single section has both write and execute permissions as this could compromise the security of the system. Table 1: A summary of the most commonly used sections in ELF files. The .text section contains executable code while the .rodata, .data and .bss sections contains data in various forms.

exodus - Painless relocation of Linux binaries–and all of their dependencies–without containers.

  •    Python

Exodus is a tool that makes it easy to successfully relocate Linux ELF binaries from one system to another. This is useful in situations where you don't have root access on a machine or where a package simply isn't available for a given Linux distribution. For example, CentOS 6.X and Amazon Linux don't have packages for Google Chrome or aria2. Server-oriented distributions tend to have more limited and outdated packages than desktop distributions, so it's fairly common that one might have a piece of software installed on their laptop that they can't easily install on a remote machine. With exodus, transferring a piece of software that's working on one computer to another is as simple as this.

ELF - An End-To-End, Lightweight and Flexible Platform for Game Research

  •    C++

ELF is an Extensive, Lightweight and Flexible platform for game research, in particular for real-time strategy (RTS) games. On the C++-side, ELF hosts multiple games in parallel with C++ threading. On the Python side, ELF returns one batch of game state at a time, making it very friendly for modern RL. In comparison, other platforms (e.g., OpenAI Gym) wraps one single game instance with one Python interface. This makes concurrent game execution a bit complicated, which is a requirement of many modern reinforcement learning algorithms. Besides, ELF now also provides a Python version for running concurrent game environments, by Python multiprocessing with ZeroMQ inter-process communication. See ./ex_elfpy.py for a simple example.

ELF - ELF: a platform for game research with AlphaGoZero/AlphaZero reimplementation

  •    C++

ELF is an Extensive, Lightweight, and Flexible platform for game research. We have used it to build our Go playing bot, ELF OpenGo, which achieved a 14-0 record versus four global top-30 players in April 2018. The final score is 20-0 (each professional Go players play 5 games). We have released our v0 models here.


bloaty - Bloaty McBloatface: a size profiler for binaries

  •    C++

Ever wondered what's making your ELF or Mach-O binary big? Bloaty McBloatface will show you a size profile of the binary so you can understand what's taking up space inside.Bloaty works on binaries, shared objects, object files, and static libraries (.a files). It supports ELF/DWARF and Mach-O, though the Mach-O support is much more preliminary (it shells out to otool/symbols instead of parsing the file directly).

xHook - 🔥 A PLT hook library for Android native ELF (executable and shared libraries)

  •    C

xhook is a PLT (Procedure Linkage Table) hook library for Android native ELF (executable and shared libraries). xhook has been keeping optimized for stability and compatibility.

BOLT - Binary Optimization and Layout Tool - A linux command-line utility used for optimizing performance of binaries

  •    C++

BOLT is a post-link optimizer developed to speed up large applications. It achieves the improvements by optimizing application's code layout based on execution profile gathered by sampling profiler, such as Linux perf tool. BOLT can operate on any binary with a symbol table, but for maximum gains it utilizes relocations saved by a linker (--emit-relocs). An overview of the ideas implemented in BOLT along with a discussion of its potential and current results is available in an arXiv paper. NOTE: current support is limited to non-PIE X86-64 and AArch64 ELF binaries.

ELF Tool Chain

  •    C

A BSD-licensed implementation of compilation tools (nm, ar, as, ld, etc.) for the ELF object format.

dockerize - A tool for creating minimal docker images from dynamic ELF binaries.

  •    Python

Dockerize will pack up your dynamically linked ELF binaries and all their dependencies and turn them into a Docker image.

patchelf - A small utility to modify the dynamic linker and RPATH of ELF executables

  •    C

A small utility to modify the dynamic linker and RPATH of ELF executables

Log Toolkit

  •    C

This project provides a set of logfile processing tools: - Convert from W3C to ELF (extended log format) - Convert from Netscape/iPlanet to ELF - Strip corrupt logfile lines - Sort logfile lines by date - Filter lines by URI prefix or result code -

rp - rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries

  •    C++

rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O (doesn't support the FAT binaries) x86/x64 binaries. It is open-source, documented with Doxygen (well, I'm trying to..) and has been tested on several OS: Debian / Windows 7 / FreeBSD / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible. I almost forgot, it handles both Intel and AT&T syntax (beloved BeaEngine). By the way, the tool is a standalone executable ; I will upload static-compiled binaries for each OS. You can build very easily rp++ with CMake, it will generate a project file for your prefered IDE. There are some other things you will be able to do with rp++, like finding hexadecimal values, or strings, etc.

pyelftools - Parsing ELF and DWARF in Python

  •    Python

pyelftools is a pure-Python library for parsing and analyzing ELF files and DWARF debugging information. See the User's guide for more details. As a user of pyelftools, one only needs Python to run. It works with Python versions 2.7 and 3.x (x >= 2). For hacking on pyelftools the requirements are a bit more strict, please see the hacking guide.

the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)

  •    Python

For security professionals and researchers only. The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.

HaboMalHunter - HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo

  •    Python

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system. The tool help security analyst extracting the static and dynamic features from malware effectively and efficiently. The generated report provides significant information about process, file I/O, network and system calls. The tool can be used for the static and dynamic analysis of ELF files on the Linux x86/x64 platform.

simavr - simavr is a lean, mean and hackable AVR simulator for linux & OSX

  •    C

simavr is a new AVR simulator for linux, or any platform that uses avr-gcc. It uses avr-gcc's own register definition to simplify creating new targets for supported AVR devices. The core was made to be small and compact, and hackable so allow quick prototyping of an AVR project. The AVR core is now stable for use with parts with <= 128KB flash, and with preliminary support for the bigger parts. The simulator loads ELF files directly, and there is even a way to specify simulation parameters directly in the emulated code using an .elf section. You can also load multipart HEX files. Otherwise, make is enough to just start using bin/simavr. To install the simavr command system-wide, make install RELEASE=1.

AsmSrc

  •    

asmsrc generates assembler assembler source files from Linux executables. Library calls are detected along with symbols and other information found in ELF executable files. Generated source file is in nasm format.

itsELF

  •    

itsELF is an ELF analyzer and an antivirus. With a wxWidgets based interface, it should help to analyze every ELF's sections and attributes.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.