References

Blog Posts & White Papers

Projects using LIEF

Name

Language

Link

Topic

Summarize

Datalog Disassembly

C++

https://github.com/GrammaTech/ddisasm

Binary Analysis

DDisasm is a fast disassembler which is accurate enough for the resulting assembly code to be reassembled. DDisasm is implemented using the datalog (souffle) declarative logic programming language to compile disassembly rules and heuristics

Mobile-Security-Framework-MobSF

Python

https://github.com/MobSF/Mobile-Security-Framework-MobSF

Mobile Analysis

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

checksec.py

Python

https://github.com/Wenzel/checksec.py

Static Analysis

A simple tool to verify the security properties of your binaries. These properties can be enabled by your compiler to enforce the security of your executables, and mitigate exploits

youarespecial

Python

https://github.com/endgameinc/youarespecial

Machine Learning

Machine learning models on Malwares

gym-malware

Python

https://github.com/endgameinc/gym-malware

Machine Learning

Learn how to bypass AV through machine learning.

MISP

Python

https://github.com/MISP/MISP

Malware

Malware Information Sharing Platform and Threat Sharing

Virus Disinfector KIT

Python

https://github.com/Fare9/Virus_Disinfector_KIT

Malware

Tool to disinfect PE files

lief-sys

Rust

https://github.com/tathanhdinh/lief-sys

Binding

Rust binding for LIEF

Ledger-Donjon/rainbow

Python

https://github.com/Ledger-Donjon/rainbow

Dynamic Analysis

Trace generator based on Unicorn and LIEF as loader.

smda

Python

https://github.com/danielplohmann/smda

Static Analysis

Recursive disassembler using LIEF as ELF and PE loader

conan-io/hooks

Python

binary-linter.py

Static Analysis

Binary linter

Wiggle

Python

https://github.com/ChiChou/wiggle

Binary search engine

An executable binary metadata search engine.

ANBU

C++

https://github.com/Fare9/ANBU

Unpacking

Automatic New Binary Unpacker with PIN DBI Framework

Similar Projects

Name

Language

Link

filebytes

Python

https://github.com/sashs/filebytes

angr/cle

Python

https://github.com/angr/cle

pypeelf

Python

https://github.com/crackinglandia/pypeelf

Parsers/Modifiers

ELF

Name

Language

Link

pyelftools

Python

https://github.com/eliben/pyelftools

pylibelf

Python

https://github.com/crackinglandia/pylibelf

pydevtools

Python

https://github.com/arowser/pydevtools

elfparser

C++ ?

http://elfparser.com/index.html

libelf

C

hxxp://www.mr511.de/software/

elfio

C++

http://elfio.sourceforge.net/

radare2

C/Python

https://github.com/radare/radare2/tree/master/libr/bin/format/elf

node-elf

node.js

https://github.com/sifteo/node-elf

readelf

C

https://github.com/bminor/binutils-gdb/blob/master/binutils/readelf.c

elfesteem

Python

https://github.com/LRGH/elfesteem

elfsharp

C#

hxxp://elfsharp.hellsgate.pl/index.shtml

metasm

Ruby

https://github.com/jjyg/metasm

amoco

Python

https://github.com/bdcht/amoco

Goblin

Rust

https://github.com/m4b/goblin

Mithril

Ruby

https://github.com/jbangert/mithril

ELFkickers

C

http://www.muppetlabs.com/~breadbox/software/elfkickers.html

libelfmaster

C

https://github.com/elfmaster/libelfmaster

libelf.js

JS

https://github.com/AlexAltea/libelf.js

elfy.io

JS ?

https://elfy.io/

elfhash

C

https://github.com/cjacker/elfhash

PE

Name

Language

Link

pefiles

Python

https://github.com/erocarrera/pefile

radare2

C

https://github.com/radare/radare2/tree/master/libr/bin/format/pe

PE.Explorer

C++/C# ?

http://www.pe-explorer.com/

CFF Explorer

C++/C# ?

http://www.ntcore.com/exsuite.php

PE Browser 64

C++/C# ?

http://www.smidgeonsoft.prohosting.com/pebrowse-pro-file-viewer.html

PE View

C++/C# ?

http://wjradburn.com/software/

FileAlyzer

C++/C# ?

https://www.safer-networking.org/products/filealyzer/

PE Studio

C++/C# ?

https://www.winitor.com/

PEDumper

C

https://github.com/maldevel/PEdumper

PE Parse

C++/Python

https://github.com/trailofbits/pe-parse/tree/master/parser-library

PEParse

C#

https://github.com/DKorablin/PEReader

PE Bliss

C++

https://github.com/BackupGGCode/portable-executable-library

PE Net

.NET

https://github.com/secana/PeNet

libpe

C++

https://github.com/evilsocket/libpe/tree/master/libpe

elfesteem

Python

https://github.com/LRGH/elfesteem

pelook

C ?

http://bytepointer.com/tools/index.htm#pelook

PortEx

Java

http://katjahahn.github.io/PortEx

metasm

Ruby

https://github.com/jjyg/metasm

amoco

Python

https://github.com/bdcht/amoco

Goblin

Rust

https://github.com/m4b/goblin

Mach-O

Name

Language

Link

radare2

C

https://github.com/radare/radare2/tree/master/libr/bin/format/mach0

MachO-Kit

C/ObjC

https://github.com/DeVaukz/MachO-Kit

optool

ObjC

https://github.com/alexzielenski/optool

macho_edit

C++

https://github.com/Tyilo/macho_edit

macholib

Python

https://pypi.org/project/macholib/

elfsharp

C#

http://elfsharp.hellsgate.pl/index.shtml

elfesteem

Python

https://github.com/LRGH/elfesteem

metasm

Ruby

https://github.com/jjyg/metasm

Goblin

Rust

https://github.com/m4b/goblin

MachOView

ObjC

https://github.com/gdbinit/MachOView

XMachOViewer

C++

https://github.com/horsicq/XMachOViewer

Tools

Name

Language

Link

Format

Summarize

Dress

Python

https://github.com/docileninja/dress

ELF

Add static symbols

objconv

C++

https://www.agner.org/optimize/#objconv

ELF/PE/MachO

Format converter

PEDetour

C++

https://github.com/chen-charles/PEDetour

PE

Hook exported functions

python-elf

Python

https://github.com/tbursztyka/python-elf

ELF

ELF binary format manipulation

PEDetour

C++

https://github.com/chen-charles/PEDetour

PE

Hook exported functions

libmaelf

C

https://github.com/tiago4orion/libmalelf

ELF

Library for Dissect and Infect ELF Binaries.

peinjector

C

https://github.com/JonDoNym/peinjector

PE

MITM PE file infector

backdoor factory

C++

https://github.com/secretsquirrel/the-backdoor-factory

ELF/PE/MachO

Patch PE, ELF, Mach-O binaries with shellcode

RePEconstruct

C

https://github.com/DavidKorczynski/RePEconstruct

PE

PE Unpacker

patchkit

Python

https://github.com/lunixbochs/patchkit

ELF

Patch binary

unstrip

Python

https://github.com/pzread/unstrip

ELF

Unstrip static binary

sym2elf

Python

https://github.com/danigargu/syms2elf

ELF

Export IDA’s symbols to the original binary

elfhash

C

https://github.com/cjacker/elfhash

ELF

Manipulate ELF’s hash

recomposer

Python

https://github.com/secretsquirrel/recomposer

PE

Change some parts of a PE ile in order to bypass Antivirus

bearparser

C++

https://github.com/hasherezade/bearparser

PE

Portable Executable parsing library with a GUI

IAT patcher

C++

http://hasherezade.github.io/IAT_patcher

PE

IAT hooking application

PEframe

Python

https://github.com/guelfoweb/peframe

PE

PE Static analyzer

Manalyze

C++

https://github.com/JusticeRage/Manalyze

PE

PE Static analyzer

elf-dissector

C++

https://github.com/KDE/elf-dissector

ELF

Tool to inspect ELF files

InfectPE

C++

https://github.com/secrary/InfectPE

PE

Inject code into PE file

termux-elf-cleaner

C++

https://github.com/termux/termux-elf-cleaner

ELF

Utility to remove unused ELF sections causing warnings.

vdexExtractor

C

https://github.com/anestisb/vdexExtractor

VDEX

Extract DEX from VDEX

insert_dylib

C

https://github.com/Tyilo/insert_dylib

Mach-O

Insert a dylib load command

optool

Obj-C

https://github.com/alexzielenski/optool

Mach-O

Modify Mach-O commands: Resign, insert commands, …

reflective- polymorphism

C

https://github.com/zeroSteiner/reflective-polymorphism

PE

Transform PE files between EXE and DLL

XELFViewer

C++/Qt

https://github.com/horsicq/XELFViewer

ELF

ELF file viewer/editor for Windows, Linux and MacOS.