Packages that operate on binary files in some form.


Tool count: 64

BlackArch binary
Name Version Description Homepage
amber 245.c6cae74 Reflective PE packer. https://github.com/EgeBalci/Amber
amoco v2.4.1.r286.gd3c2fab Yet another tool for analysing binaries. https://github.com/bdcht/amoco
androguard 2094.99e48e7b Reverse engineering, Malware and goodware analysis of Android applications and more. https://github.com/androguard/androguard
angr 8.20.7.27 The next-generation binary analysis platform from UC Santa Barbara's Seclab. https://pypi.org/project/angr/#files
angr-management 8.20.7.6 This is the GUI for angr. https://pypi.org/project/angr-management/#files
angr-py2 7.8.9.26 The next-generation binary analysis platform from UC Santa Barbara's Seclab. https://pypi.org/project/angr/#files
avet 133.2f1d882 AntiVirus Evasion Tool https://github.com/govolution/avet
barf 923.9547ef8 A multiplatform open source Binary Analysis and Reverse engineering Framework. https://github.com/programa-stic/barf-project
bgrep 15.5ca1302 Binary grep. https://github.com/tmbinc/bgrep
binaryninja-python 13.83f59f7 Binary Ninja prototype written in Python. https://github.com/Vector35/binaryninja-python
bindead 4504.67019b97b A static analysis tool for binaries https://bitbucket.org/mihaila/bindead
bindiff 6.0.0 A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. http://www.zynamics.com/bindiff.html
binflow 5.7fb02a9 POSIX function tracing. Much better and faster than ftrace. https://github.com/elfmaster/binflow
binwally 4.0aabd8b Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). https://github.com/bmaia/binwally
bvi 1.4.1 A display-oriented editor for binary files that operates like the "vi" editor. http://bvi.sourceforge.net/
bytecode-viewer 2.9.22 A Java 8/Android APK Reverse Engineering Suite. https://github.com/Konloch/bytecode-viewer
cminer 25.d766f7e A tool for enumerating the code caves in PE files. https://github.com/EgeBalci/Cminer/
detect-it-easy 3.00 A program for determining types of files. https://github.com/horsicq/DIE-engine/releases
dissector 1 This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. http://packetstormsecurity.com/files/125972/Coloured-ELF-File-Dissector.html
dutas 10.37fa3ab Analyzes PE files or shellcode. https://github.com/dungtv543/Dutas
dwarf 1058.539e85c Full featured multi arch/os debugger built on top of PyQt5 and frida. https://github.com/iGio90/Dwarf
dynamorio 8.0.18508 A dynamic binary instrumentation framework. https://github.com/DynamoRIO/dynamorio
ecfs 305.1758063 Extended core file snapshot format. https://github.com/elfmaster/ecfs
elfkickers 3.1.a Collection of ELF utilities (includes sstrip) https://www.muppetlabs.com/~breadbox/software/elfkickers.html
elfparser 7.39d21ca Cross Platform ELF analysis. https://github.com/jacob-baines/elfparser
elfutils 0.181 Utilities to handle ELF object files and DWARF debugging information https://sourceware.org/elfutils/
eresi 1291.4769c175 The ERESI Reverse Engineering Software Interface. https://github.com/thorkill/eresi
exescan 1.ad993e3 A tool to detect anomalies in PE (Portable Executable) files. https://github.com/cysinfo/Exescan
expimp-lookup 4.79a96c7 Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. https://github.com/tr3w/ExpImp-Lookup
expose 1110.30264af A Dynamic Symbolic Execution (DSE) engine for JavaScript https://github.com/ExpoSEJS/ExpoSE
haystack 1823.c178b5a A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. https://github.com/trolldbois/python-haystack
hercules-payload 220.958541e A special payload generator that can bypass all antivirus software. https://github.com/EgeBalci/HERCULES
hex2bin 2.5 Converts Motorola and Intel hex files to binary. http://hex2bin.sourceforge.net/
imagejs 54.1b0b3aa Small tool to package javascript into a valid image file. https://github.com/jklmnn/imagejs
jpegdump 0.0.7 Tool to analyze JPEG images. Reads binary files and parses the JPEG markers inside them. https://blog.didierstevens.com/2019/04/28/update-jpegdump-py-version-0-7/
klee 2.1 A symbolic virtual machine built on top of the LLVM compiler infrastructure. https://github.com/klee/klee
leena 2.5119f56 Symbolic execution engine for JavaScript https://github.com/mmicu/leena
loadlibrary 76.6d4970b Porting Windows Dynamic Link Libraries to Linux. https://github.com/taviso/loadlibrary
ltrace 0.7.3 Tracks runtime library calls in dynamically linked programs https://www.ltrace.org/
manticore 0.2.4.r267.gf46f78b6 Symbolic execution tool. https://github.com/trailofbits/manticore
metame 14.8d583a0 A simple metamorphic code engine for arbitrary executables. https://github.com/a0rtega/metame
objdump2shellcode 28.c2d6120 A tool I have found incredibly useful whenever creating custom shellcode. https://github.com/wetw0rk/objdump2shellcode
oledump 0.0.53 Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. http://blog.didierstevens.com/programs/oledump-py/
packer 1.6.3 Tool for creating identical machine images for multiple platforms from a single source configuration. https://github.com/hashicorp/packer
packerid 1.4 Script which uses a PEiD database to identify which packer (if any) is being used by a binary. http://handlers.sans.org/jclausing/
patchkit 37.95dc699 Powerful binary patching from Python. https://github.com/lunixbochs/patchkit
pixd 7.873db72 Colourful visualization tool for binary files. https://github.com/FireyFly/pixd
powerstager 14.0149dc9 A payload stager using PowerShell. https://github.com/z0noxz/powerstager
procdump 35.2ec3090 Generate coredumps based off performance triggers. https://github.com/Microsoft/ProcDump-for-Linux
proctal 482.67bf7e8 Provides a command line interface and a C library to manipulate the address space of a running program on Linux. https://github.com/daniel-araujo/proctal
python-oletools 0.55.1 Tools to analyze Microsoft OLE2 files. https://pypi.org/project/oletools/
python2-oletools 0.55.1 Tools to analyze Microsoft OLE2 files. https://pypi.org/project/oletools/
saruman 2.4be8db5 ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). https://github.com/elfmaster/saruman
sgn 15.3b6ed0f Shikata ga nai encoder ported into Go with several improvements. https://github.com/EgeBalci/sgn
soot 3.3.0 A Java Bytecode Analysis and Transformation Framework. http://www.sable.mcgill.ca/soot
strace 5.9 A diagnostic, debugging and instructional userspace tracer https://strace.io/
swftools 0.9.2 A collection of SWF manipulation and creation utilities. http://www.swftools.org/
triton 3182.1b1da143 A Dynamic Binary Analysis (DBA) framework. https://github.com/JonathanSalwan/Triton
upx 3.96 Extendable, high-performance executable packer for several executable formats https://github.com/upx/upx
valgrind 3.16.1 Tool to help find memory-management problems in programs http://valgrind.org/
veles 637.e65de5a New open source tool for binary data analysis. https://codisec.com/veles/
wcc 55.f141963 The Witchcraft Compiler Collection. https://github.com/endrazine/wcc
wxhexeditor 722.c22ce20 A free hex editor / disk editor for Linux, Windows and MacOSX. http://wxhexeditor.sourceforge.net/
zelos 126.b15306b A comprehensive binary emulation and instrumentation platform. https://github.com/zeropointdynamics/zelos