For security professionals and researchers only. The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.
file-infector bdf capstone pe macho elfThe purpose of this project is to provide a cross platform library which can parse, modify and abstract ELF, PE and MachO formats.
reverse-engineering malware-analysis binary-analysis parser modification executable-formats elf macho pe lief parsing sdk android dex oat art vdexThis is a Hopper plugin (not script) written in Swift for demangling Swift symbols. Once you've installed the plugin you should have a new Tool Plugins menu item. There you can see the added Swift demangle commands.
hopper osx demangle machomacOS only until now, Windows support in the near future.
machoexplorer machoview macho libmacho libmoex moexA macOS utility to extract dynamic libraries from the dyld_shared_cache of macOS and iOS. The project is available as a macOS application (with GUI) and as a command line tool.
ios dyld dylib cache extract extract-dynamic-libraries macos-utility reverse-engineering machoCollection of tools (disassembler, emulator, binary parser) aimed at reverse enginering tasks, more specifically, bug finding related. Currently we target ARMv7 and Mach-O though in the future more architectures and formats are planned. retools is somewhat unique in that most of the semantics for relevant instructions are parsed out of the specification PDFs as opposed to being generated by hand. Currently the disassembler, emulator, and binary parsers are partially done, with a symbolic execution engine and instrumentation/hooking framework to come as I get more time.
re reverse engineering vulndev framework arm armv7 armv8 macho emulator binary vulnerability research disassembler disassemblyA tool to extract code from individual functions in a library. Support ELF32, ELF64 and Mach-O libraries.
elf machoLibrary and tool for retrieving embedded bitcode from binaries end libraries. It supports all types of objects files (Mach-O, ELF, COFF, ...) as well as Mach-O universal binaries, and static and dynamic libraries. ebcutil is a stand-alone command line tool for extracting embedded bitcode.
bitcode macho elf llvm toolToday this includes some basic build support (CONFIG_OSX) in ./configure and ./Makefile. It also makes the '-run' mode function, allowing tcc to open up libc.dylib. The targets are arm64-win32-tcc and arm64-uefi-tcc. libtcc1 is not built, so this is only useful for standalone code, such as UEFI images.
osx macho tcc tinycc efi pe uefiMalicious use of macho, such as dump-runtime-macho, function-hook. dump runtime macho file and dyld load address.
macho exploit osx iosMach-O Explorer is a graphical Mach-O viewer for macOS. It aims to provide an interface and feature set that are similar to the venerable MachOView application. Parsing is handled by Mach-O Kit. Mach-O Explorer leverages Mach-O Kit's rich description system to present the parsed data using very little code. Mach-O Explorer should deploy back to OS X 10.11 (and possibly further) but is currently only being actively tested on macOS 10.13.
mach-o macho machoview machoexplorerMach-O Kit is an Objective-C framework for parsing Mach-O binaries used by Darwin platforms (macOS, iOS, tvOS, and watchOS). The project also includes a lightweight C library - libMachO - for parsing Mach-O images loaded in the current process. Mach-O Kit is designed to be easy to use while still exposing all the details of the parsed Mach-O file (if you need them). It can serve as the foundation for anything that needs to read Mach-O files - from a one-off command line tool up to a fully featured interactive disassembler. Most importantly, Mach-O Kit is designed to be safe. Every read operation and its returned data is extensively error checked so that parsing a malformed Mach-O file (even a malicious one) does not crash your program.
mach-o parsing macho macho-parser⚠️ This tool may only be used for educational, teaching, learning, understanding and research purposes only. Completely self-contained binary ROP/JOP gadget analyzer for comparing two binaries side-by-side and understanding their structures, in 100% pure Javascript, and a self-contained client-side browser application. Focussed on extreme simplicity of usage and portability across platforms.
elf macho rop-gadgets rop-exploitation rop-chain disassembly cybersecurity elf-parser elf-loader macho-parser portable-executable x86 arm arm64 aslr-bypass control-flow binary-analysisPackage macho implements access to and creation of Mach-O object files.
ios apple macho macho-parser
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.