elfcat - Dump sections or program entries from a ELF file

  •        27

Dump sections or program entries from a ELF file.




Related Projects

dissection - The dissection of a simple "hello world" ELF binary.

  •    Assembly

The representation of executables, shared libraries and relocatable object code is standardized by a variety of file formats which provides encapsulation of assembly instructions and data. Two such formats are the Portable Executable (PE) file format and the Executable and Linkable Format (ELF), which are used by Windows and Linux respectively. Both of these formats partition executable code and data into sections and assign appropriate access permissions to each section, as summarised by table 1. In general, no single section has both write and execute permissions as this could compromise the security of the system. Table 1: A summary of the most commonly used sections in ELF files. The .text section contains executable code while the .rodata, .data and .bss sections contains data in various forms.



itsELF is an ELF analyzer and an antivirus. With a wxWidgets based interface, it should help to analyze every ELF's sections and attributes.

esptool-ck - ESP8266 build/flash helper tool by Christian Klippel

  •    C

Esptool is a tool to create firmware files for the ESP8266 chip and flash the firmware to the chip over serial port. Esptool runs on Windows, Linux and Mac OS X. Esptool reads the compiled program in ELF format, extracts code and data sections, and either dumps a section to a file or assembles the firmware file from several segments. Esptool also communicates with the ESP8266 bootloader to upload firmware files to flash. Esptool can automatically put the board into UART bootloader mode using a variety of methods.

ELF - An End-To-End, Lightweight and Flexible Platform for Game Research

  •    C++

ELF is an Extensive, Lightweight and Flexible platform for game research, in particular for real-time strategy (RTS) games. On the C++-side, ELF hosts multiple games in parallel with C++ threading. On the Python side, ELF returns one batch of game state at a time, making it very friendly for modern RL. In comparison, other platforms (e.g., OpenAI Gym) wraps one single game instance with one Python interface. This makes concurrent game execution a bit complicated, which is a requirement of many modern reinforcement learning algorithms. Besides, ELF now also provides a Python version for running concurrent game environments, by Python multiprocessing with ZeroMQ inter-process communication. See ./ex_elfpy.py for a simple example.

ELF - ELF: a platform for game research with AlphaGoZero/AlphaZero reimplementation

  •    C++

ELF is an Extensive, Lightweight, and Flexible platform for game research. We have used it to build our Go playing bot, ELF OpenGo, which achieved a 14-0 record versus four global top-30 players in April 2018. The final score is 20-0 (each professional Go players play 5 games). We have released our v0 models here.

xHook - 🔥 A PLT hook library for Android native ELF (executable and shared libraries)

  •    C

xhook is a PLT (Procedure Linkage Table) hook library for Android native ELF (executable and shared libraries). xhook has been keeping optimized for stability and compatibility.

pdfextract - A tool and library that can extract various areas of text from a PDF, especially a scholarly article PDF

  •    Ruby

A tool and library that can extract various areas of text from a PDF, especially a scholarly article PDF. It performs structural analysis to determine column bounds, headers, footers, sections, titles and so on. It can analyse and categorise sections into reference and non-reference sections and can split reference sections into individual references. The latest version is 0.1.1. Earlier versions are far less reliable.

TLIndexPathTools - TLIndexPathTools is a small set of classes that can greatly simplify your table and collection views

  •    Objective-C

TLIndexPathTools is as lightweight as you want it to be. Start small by using TLIndexPathDataModel as your data model (instead of an array) and gain the ability to easily organize data into sections and simplify your view controller with APIs like [dataModel numberOfRowsInSection:], [dataModel itemAtIndexPath:], and [dataModel indexPathForItem:]. Or keep reading to learn about automatic batch updates, easier Core Data integration and more. TLIndexPathDataModel encapsulates this pattern into a single class and provides numerous APIs for easy data access. Furthermore, the TLIndexPathDataModel initializers offer multiple ways to organize raw data into sections (including empty sections). TLIndexPathDataModel is perfectly suitable for single-section views where an NSArray would suffice and has the benefit of being "refactor proof" if additional sections are added later.

laravel-dump-server - Bring Symfony's Var-Dump Server to Laravel

  •    PHP

Bringing the Symfony Var-Dump Server to Laravel. This package will give you a dump server, that collects all your dump call outputs, so that it does not interfere with HTTP / API responses.

NT Dump

  •    C

NT Dump allows the dumping of password hashes and LSA secrets on Windows NT computers. NT Dump is small as so to reduce network traffic. It is also able to run in a batch-mode in which it can dump from multiple computers with maximum performance.

mysql2sqlite - Converts MySQL dump to SQLite3 compatible dump

  •    Awk

Converts MySQL dump to SQLite3 compatible dump (including MySQL KEY xxxxx statements from the CREATE block). The script is written in awk (tested with gawk, but should work with original awk, and the lightning fast mawk) and shall be fully POSIX compliant.

ELF Tool Chain

  •    C

A BSD-licensed implementation of compilation tools (nm, ar, as, ld, etc.) for the ELF object format.

bloaty - Bloaty McBloatface: a size profiler for binaries

  •    C++

Ever wondered what's making your ELF or Mach-O binary big? Bloaty McBloatface will show you a size profile of the binary so you can understand what's taking up space inside.Bloaty works on binaries, shared objects, object files, and static libraries (.a files). It supports ELF/DWARF and Mach-O, though the Mach-O support is much more preliminary (it shells out to otool/symbols instead of parsing the file directly).

dockerize - A tool for creating minimal docker images from dynamic ELF binaries.

  •    Python

Dockerize will pack up your dynamically linked ELF binaries and all their dependencies and turn them into a Docker image.

patchelf - A small utility to modify the dynamic linker and RPATH of ELF executables

  •    C

A small utility to modify the dynamic linker and RPATH of ELF executables

Log Toolkit

  •    C

This project provides a set of logfile processing tools: - Convert from W3C to ELF (extended log format) - Convert from Netscape/iPlanet to ELF - Strip corrupt logfile lines - Sort logfile lines by date - Filter lines by URI prefix or result code -

rp - rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries

  •    C++

rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O (doesn't support the FAT binaries) x86/x64 binaries. It is open-source, documented with Doxygen (well, I'm trying to..) and has been tested on several OS: Debian / Windows 7 / FreeBSD / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible. I almost forgot, it handles both Intel and AT&T syntax (beloved BeaEngine). By the way, the tool is a standalone executable ; I will upload static-compiled binaries for each OS. You can build very easily rp++ with CMake, it will generate a project file for your prefered IDE. There are some other things you will be able to do with rp++, like finding hexadecimal values, or strings, etc.

pyelftools - Parsing ELF and DWARF in Python

  •    Python

pyelftools is a pure-Python library for parsing and analyzing ELF files and DWARF debugging information. See the User's guide for more details. As a user of pyelftools, one only needs Python to run. It works with Python versions 2.7 and 3.x (x >= 2). For hacking on pyelftools the requirements are a bit more strict, please see the hacking guide.

the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)

  •    Python

For security professionals and researchers only. The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.

HaboMalHunter - HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo

  •    Python

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system. The tool help security analyst extracting the static and dynamic features from malware effectively and efficiently. The generated report provides significant information about process, file I/O, network and system calls. The tool can be used for the static and dynamic analysis of ELF files on the Linux x86/x64 platform.