Packages that operate on binaries in some form.
Tool count: 71
Name | Version | Description | Homepage |
---|---|---|---|
amber | 256.f6eb2dc | Reflective PE packer. | https://github.com/EgeBalci/Amber |
amoco | v2.9.11.r2.gf1182a5 | Yet another tool for analysing binaries. | https://github.com/bdcht/amoco |
androguard | 3.3.5 | Reverse engineering, Malware and goodware analysis of Android applications and more. | https://github.com/androguard/androguard |
angr | 9.1.11752 | The next-generation binary analysis platform from UC Santa Barbara's Seclab. | https://pypi.org/project/angr/#files |
angr-management | 9.1.11752 | This is the GUI for angr. | https://pypi.org/project/angr-management/#files |
angr-py2 | 7.8.9.26 | The next-generation binary analysis platform from UC Santa Barbara's Seclab. | https://pypi.org/project/angr/#files |
avet | 133.2f1d882 | AntiVirus Evasion Tool | https://github.com/govolution/avet |
barf | 923.9547ef8 | A multiplatform open source Binary Analysis and Reverse engineering Framework. | https://github.com/programa-stic/barf-project |
bgrep | 24.28029c9 | Binary grep. | https://github.com/tmbinc/bgrep |
binaryninja-python | 13.83f59f7 | Binary Ninja prototype written in Python. | https://github.com/Vector35/binaryninja-python |
bindead | 4504.67019b97b | A static analysis tool for binaries | https://bitbucket.org/mihaila/bindead |
bindiff | 6.0.0 | A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. | http://www.zynamics.com/bindiff.html |
binflow | 5.7fb02a9 | POSIX function tracing. Much better and faster than ftrace. | https://github.com/elfmaster/binflow |
binwally | 4.0aabd8b | Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). | https://github.com/bmaia/binwally |
bsdiff | 4.3 | Tools for building and applying patches to binary files. | https://www.daemonology.net/bsdiff/ |
bvi | 1.4.2 | A display-oriented editor for binary files that operates like the "vi" editor. | http://bvi.sourceforge.net/ |
bytecode-viewer | 2.12 | A Java 8/Android APK Reverse Engineering Suite. | https://github.com/Konloch/bytecode-viewer |
cminer | 25.d766f7e | A tool for enumerating the code caves in PE files. | https://github.com/EgeBalci/Cminer/ |
cpp2il | 2022.0.7.r17.g20ccab2 | A tool to reverse Unity's IL2CPP toolchain. | https://github.com/SamboyCoding/Cpp2IL |
detect-it-easy | 3.09 | A program for determining types of files. | https://github.com/horsicq/DIE-engine/releases |
dissector | 1 | This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. | http://packetstormsecurity.com/files/125972/Coloured-ELF-File-Dissector.html |
dutas | 10.37fa3ab | Analyze PE files or shellcode. | https://github.com/dungtv543/Dutas |
dwarf | 1084.fd859ae | Full featured multi arch/os debugger built on top of PyQt5 and frida. | https://github.com/iGio90/Dwarf |
dynamorio | 9.0.19046 | A dynamic binary instrumentation framework. | https://github.com/DynamoRIO/dynamorio |
ecfs | 305.1758063 | Extended core file snapshot format. | https://github.com/elfmaster/ecfs |
elfkickers | 3.2 | Collection of ELF utilities (includes sstrip) | https://www.muppetlabs.com/~breadbox/software/elfkickers.html |
elfparser | 7.39d21ca | Cross Platform ELF analysis. | https://github.com/jacob-baines/elfparser |
elfutils | 0.191 | Handle ELF object files and DWARF debugging information (utilities) | https://sourceware.org/elfutils/ |
eresi | 1291.4769c175 | The ERESI Reverse Engineering Software Interface. | https://github.com/thorkill/eresi |
exescan | 1.ad993e3 | A tool to detect anomalies in PE (Portable Executable) files. | https://github.com/cysinfo/Exescan |
expimp-lookup | 4.79a96c7 | Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. | https://github.com/tr3w/ExpImp-Lookup |
expose | 1110.30264af | A Dynamic Symbolic Execution (DSE) engine for JavaScript | https://github.com/ExpoSEJS/ExpoSE |
haystack | 1823.c178b5a | A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. | https://github.com/trolldbois/python-haystack |
hercules-payload | 222.2607a3a | A special payload generator that can bypass all antivirus software. | https://github.com/EgeBalci/HERCULES |
hex2bin | 2.5 | Converts Motorola and Intel hex files to binary. | http://hex2bin.sourceforge.net/ |
imagejs | 56.a442f94 | Small tool to package javascript into a valid image file. | https://github.com/jklmnn/imagejs |
jpegdump | 0.0.7 | Tool to analyze JPEG images. Reads binary files and parses the JPEG markers inside them. | https://blog.didierstevens.com/2019/04/28/update-jpegdump-py-version-0-7/ |
klee | 2.1 | A symbolic virtual machine built on top of the LLVM compiler infrastructure. | https://github.com/klee/klee |
leena | 2.5119f56 | Symbolic execution engine for JavaScript | https://github.com/mmicu/leena |
loadlibrary | 104.c40033b | Porting Windows Dynamic Link Libraries to Linux. | https://github.com/taviso/loadlibrary |
ltrace | 0.7.3 | Tracks runtime library calls in dynamically linked programs | https://www.ltrace.org/ |
manticore | 0.3.7.r73.g88610053 | Symbolic execution tool. | https://github.com/trailofbits/manticore |
metame | 14.8d583a0 | A simple metamorphic code engine for arbitrary executables. | https://github.com/a0rtega/metame |
objdump2shellcode | 28.c2d6120 | A tool I have found incredibly useful whenever creating custom shellcode. | https://github.com/wetw0rk/objdump2shellcode |
oledump | 0.0.77 | Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. | http://blog.didierstevens.com/programs/oledump-py/ |
packer | 1.11.2 | Tool for creating identical machine images for multiple platforms from a single source configuration. | https://github.com/hashicorp/packer |
packerid | 1.4 | Script which uses a PEiD database to identify which packer (if any) is being used by a binary. | http://handlers.sans.org/jclausing/ |
patchkit | 37.95dc699 | Powerful binary patching from Python. | https://github.com/lunixbochs/patchkit |
pixd | 9.f49add4 | Colourful visualization tool for binary files. | https://github.com/FireyFly/pixd |
powerstager | 14.0149dc9 | A payload stager using PowerShell. | https://github.com/z0noxz/powerstager |
procdump | 63.5f23548 | Generate coredumps based off performance triggers. | https://github.com/Microsoft/ProcDump-for-Linux |
proctal | 482.67bf7e8 | Provides a command line interface and a C library to manipulate the address space of a running program on Linux. | https://github.com/daniel-araujo/proctal |
python-oletools | 0.60.2 | Tools to analyze Microsoft OLE2 files. | https://pypi.org/project/oletools/ |
python-peid | 2.2.1 | Python implementation of the Packed Executable iDentifier (PEiD). | |
python2-oletools | 0.60.2 | Tools to analyze Microsoft OLE2 files. | https://pypi.org/project/oletools/ |
quickscope | 500.634753a | Statically analyze Windows, Linux and OSX executables, and also APK files. | https://github.com/CYB3RMX/Qu1cksc0pe |
rbasefind | 41.a661118 | A firmware base address search tool. | https://github.com/sgayou/rbasefind |
redress | v0.8.0.alpha4.r6.g28a8814 | A tool for analyzing stripped Go binaries. | https://github.com/goretk/redress |
saruman | 2.4be8db5 | ELF anti-forensics exec, for injecting full dynamic executables into a process image (with thread injection). | https://github.com/elfmaster/saruman |
sgn | 36.f54fa65 | Shikata ga nai encoder ported to Go with several improvements. | https://github.com/EgeBalci/sgn |
soot | 3.4.0 | A Java Bytecode Analysis and Transformation Framework. | http://www.sable.mcgill.ca/soot |
strace | 6.11 | A diagnostic, debugging and instructional userspace tracer | https://strace.io/ |
stringsifter | 39.33c0cd5 | Machine learning tool that automatically ranks strings based on their relevance for malware analysis. | https://github.com/fireeye/stringsifter |
swftools | 0.9.2 | A collection of SWF manipulation and creation utilities. | http://www.swftools.org/ |
triton | 4232.0648bb9d | A Dynamic Binary Analysis (DBA) framework. | https://github.com/JonathanSalwan/Triton |
upx | 4.2.4 | Extendable, high-performance executable packer for several executable formats | https://github.com/upx/upx |
valgrind | 3.23.0 | Tool to help find memory-management problems in programs | https://valgrind.org/ |
veles | 637.e65de5a | New open source tool for binary data analysis. | https://codisec.com/veles/ |
wcc | 99.08f67cd | The Witchcraft Compiler Collection. | https://github.com/endrazine/wcc |
wxhexeditor | 733.f439d8f | A free hex editor / disk editor for Linux, Windows and MacOSX. | http://wxhexeditor.sourceforge.net/ |
zelos | 272.506554d | A comprehensive binary emulation and instrumentation platform. | https://github.com/zeropointdynamics/zelos |