
the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)

  •    Python

For security professionals and researchers only. The goal of BDF is to patch executable binaries with user-desired shellcode and continue normal execution of the prepatched state.

exodus - Painless relocation of Linux binaries–and all of their dependencies–without containers.

  •    Python

Exodus is a tool that makes it easy to successfully relocate Linux ELF binaries from one system to another. This is useful in situations where you don't have root access on a machine or where a package simply isn't available for a given Linux distribution. For example, CentOS 6.X and Amazon Linux don't have packages for Google Chrome or aria2. Server-oriented distributions tend to have more limited and outdated packages than desktop distributions, so it's fairly common that one might have a piece of software installed on their laptop that they can't easily install on a remote machine. With exodus, transferring a piece of software that's working on one computer to another is as simple as this.

xHook - 🔥 A PLT hook library for Android native ELF (executable and shared libraries)

  •    C

xhook is a PLT (Procedure Linkage Table) hook library for Android native ELF (executable and shared libraries). xhook is continuously optimized for stability and compatibility.

bingrep - like ~~grep~~ UBER, but for binaries

  •    Rust

NOTE: Building requires rustc version 1.17 or greater. If you're using a distro's rust compiler, consider using https://rustup.rs to install your rustc compiler and associated binaries. bingrep is available through cargo, via cargo install bingrep, or you can build, and install the resulting binary wherever you like.




fcd - An optimizing decompiler

  •    C++

Fcd is an LLVM-based native program optimizing decompiler, released under an LLVM-style license. It started as a bachelor's degree senior project and carries forward its initial development philosophy of getting results fast. As such, it was architected to have low coupling between distinct decompilation phases and to be highly hackable. Fcd uses a unique technique to reliably translate machine code to LLVM IR. Currently, it only supports x86_64. Disassembly uses Capstone. It implements pattern-independent structuring to provide a goto-free output.

Detect-It-Easy - Detect it Easy

  •    HTML

Detect It Easy, abbreviated "DIE", is a program for determining types of files. "DIE" is a cross-platform application: apart from the Windows version, there are also versions available for Linux and Mac OS.

HaboMalHunter - HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo

  •    Python

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system. The tool helps security analysts extract the static and dynamic features from malware effectively and efficiently. The generated report provides significant information about process, file I/O, network and system calls. The tool can be used for the static and dynamic analysis of ELF files on the Linux x86/x64 platform.


ELFDump - ELFDump is a C parser for ELF64 object files.

  •    C

ELFDump is a C parser for ELF64 object files. ELFDump is released under the terms of the XEOS Software License.

elfy - Dumb simple ELF parser

  •    JavaScript

This software is licensed under the MIT License. Copyright Fedor Indutny, 2014.

node-elf-logger - A Node

  •    JavaScript

This library is a simple, configurable, node.js HTTP server compatible logging implementation that complies with the W3C's Extended Log File Format. Major HTTP servers like IIS and Apache have options to follow this logging format, and that has the advantage of log viewing software that has already been written for this format. dir: The root directory where node-elf-logger should store its log files. This value will be prefixed onto the template value if present.

elfloader - ARMv7M ELF loader

  •    C

The goal of this project is to provide a loader for the ELF file format for the ARMv7-M (Thumb-2) architecture (aka Cortex-M, Cortex-R in Thumb2 mode) in a bare-metal or RTOS environment. This loader does not require an MMU or special OS support (only aligned memory allocation) and runs with minimum memory overhead (only the required parts of files are loaded in memory).

elfkit - rust elf parsing, manipulation and (re)linking toolkit

  •    Rust

An ELF reading and manipulation library in pure Rust (written from scratch, no bfd, no GNU code, no license infections), intended to be used in binary manipulation utils such as strip, chrpath, objcopy and ld. The end goal is to build a well-designed library that facilitates all sorts of binary manipulation magic. elfkit can now link elfkit, so it's reasonably complete for x86_64. But it's definitely not stable yet and might produce incorrect code.

elftree - ELF library dependency viewer

  •    Go

Show library dependency of an ELF binary in a tree form. It supports folding and expanding subtree and shows related information.

elfcat - Dump sections or program entries from an ELF file

  •    C

Dump sections or program entries from an ELF file.

termux-elf-cleaner - Utility to remove unused ELF sections causing warnings.

  •    C

Utility for Android ELF files to remove unused parts that the linker warns about. Fredrik Fornwall (@fornwall).