Packages that operate on binary in some form.


Tool count: 71

BlackArch binary
Name Version Description Homepage
amber 256.f6eb2dc Reflective PE packer. https://github.com/EgeBalci/Amber
amoco v2.4.1.r316.gf4081db Yet another tool for analysing binaries. https://github.com/bdcht/amoco
androguard 3.3.5 Reverse engineering, Malware and goodware analysis of Android applications and more. https://github.com/androguard/androguard
angr 9.1.11752 The next-generation binary analysis platform from UC Santa Barbaras Seclab. https://pypi.org/project/angr/#files
angr-management 9.1.11752 This is the GUI for angr. https://pypi.org/project/angr-management/#files
angr-py2 7.8.9.26 The next-generation binary analysis platform from UC Santa Barbaras Seclab. https://pypi.org/project/angr/#files
avet 133.2f1d882 AntiVirus Evasion Tool https://github.com/govolution/avet
barf 923.9547ef8 A multiplatform open source Binary Analysis and Reverse engineering Framework. https://github.com/programa-stic/barf-project
bgrep 24.28029c9 Binary grep. https://github.com/tmbinc/bgrep
binaryninja-python 13.83f59f7 Binary Ninja prototype written in Python. https://github.com/Vector35/binaryninja-python
bindead 4504.67019b97b A static analysis tool for binaries https://bitbucket.org/mihaila/bindead
bindiff 6.0.0 A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. http://www.zynamics.com/bindiff.html
binflow 5.7fb02a9 POSIX function tracing. Much better and faster than ftrace. https://github.com/elfmaster/binflow
binwally 4.0aabd8b Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). https://github.com/bmaia/binwally
bsdiff 4.3 Tools for building and applying patches to binary files. https://www.daemonology.net/bsdiff/
bvi 1.4.1 A display-oriented editor for binary files operate like "vi" editor. http://bvi.sourceforge.net/
bytecode-viewer 2.11.2 A Java 8/Android APK Reverse Engineering Suite. https://github.com/Konloch/bytecode-viewer
cminer 25.d766f7e A tool for enumerating the code caves in PE files. https://github.com/EgeBalci/Cminer/
cpp2il 2022.0.7.r17.g20ccab2 A tool to reverse unity's IL2PP toolchain https://github.com/SamboyCoding/Cpp2IL
detect-it-easy 3.02 A program for determining types of files. https://github.com/horsicq/DIE-engine/releases
dissector 1 This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. http://packetstormsecurity.com/files/125972/Coloured-ELF-File-Dissector.html
dutas 10.37fa3ab Analysis PE file or Shellcode. https://github.com/dungtv543/Dutas
dwarf 1082.cdf85f4 Full featured multi arch/os debugger built on top of PyQt5 and frida. https://github.com/iGio90/Dwarf
dynamorio 9.0.19046 A dynamic binary instrumentation framework. https://github.com/DynamoRIO/dynamorio
ecfs 305.1758063 Extended core file snapshot format. https://github.com/elfmaster/ecfs
elfkickers 3.2 Collection of ELF utilities (includes sstrip) https://www.muppetlabs.com/~breadbox/software/elfkickers.html
elfparser 7.39d21ca Cross Platform ELF analysis. https://github.com/jacob-baines/elfparser
elfutils 0.191 Handle ELF object files and DWARF debugging information (utilities) https://sourceware.org/elfutils/
eresi 1291.4769c175 The ERESI Reverse Engineering Software Interface. https://github.com/thorkill/eresi
exescan 1.ad993e3 A tool to detect anomalies in PE (Portable Executable) files. https://github.com/cysinfo/Exescan
expimp-lookup 4.79a96c7 Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. https://github.com/tr3w/ExpImp-Lookup
expose 1110.30264af A Dynamic Symbolic Execution (DSE) engine for JavaScript https://github.com/ExpoSEJS/ExpoSE
haystack 1823.c178b5a A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. https://github.com/trolldbois/python-haystack
hercules-payload 222.2607a3a A special payload generator that can bypass all antivirus software. https://github.com/EgeBalci/HERCULES
hex2bin 2.5 Converts Motorola and Intel hex files to binary. http://hex2bin.sourceforge.net/
imagejs 56.a442f94 Small tool to package javascript into a valid image file. https://github.com/jklmnn/imagejs
jpegdump 0.0.7 Tool to analyzse JPEG images Reads binary files and parses the JPEG markers inside them. https://blog.didierstevens.com/2019/04/28/update-jpegdump-py-version-0-7/
klee 2.1 A symbolic virtual machine built on top of the LLVM compiler infrastructure. https://github.com/klee/klee
leena 2.5119f56 Symbolic execution engine for JavaScript https://github.com/mmicu/leena
loadlibrary 104.c40033b Porting Windows Dynamic Link Libraries to Linux. https://github.com/taviso/loadlibrary
ltrace 0.7.3 Tracks runtime library calls in dynamically linked programs https://www.ltrace.org/
manticore 0.3.7.r73.g88610053 Symbolic execution tool. https://github.com/trailofbits/manticore
metame 14.8d583a0 A simple metamorphic code engine for arbitrary executables. https://github.com/a0rtega/metame
objdump2shellcode 28.c2d6120 A tool I have found incredibly useful whenever creating custom shellcode. https://github.com/wetw0rk/objdump2shellcode
oledump 0.0.75 Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. http://blog.didierstevens.com/programs/oledump-py/
packer 1.10.2 tool for creating identical machine images for multiple platforms from a single source configuration https://github.com/hashicorp/packer
packerid 1.4 Script which uses a PEiD database to identify which packer (if any) is being used by a binary. http://handlers.sans.org/jclausing/
patchkit 37.95dc699 Powerful binary patching from Python. https://github.com/lunixbochs/patchkit
pixd 9.f49add4 Colourful visualization tool for binary files. https://github.com/FireyFly/pixd
powerstager 14.0149dc9 A payload stager using PowerShell. https://github.com/z0noxz/powerstager
procdump 63.5f23548 Generate coredumps based off performance triggers. https://github.com/Microsoft/ProcDump-for-Linux
proctal 482.67bf7e8 Provides a command line interface and a C library to manipulate the address space of a running program on Linux. https://github.com/daniel-araujo/proctal
python-oletools 0.60.1 Tools to analyze Microsoft OLE2 files. https://pypi.org/project/oletools/
python-peid 1.2.9 Python implementation of the Packed Executable iDentifier (PEiD).
python2-oletools 0.60.1 Tools to analyze Microsoft OLE2 files. https://pypi.org/project/oletools/
quickscope 432.2242c5c Statically analyze windows, linux, osx, executables and also APK files. https://github.com/CYB3RMX/Qu1cksc0pe
rbasefind 41.a661118 A firmware base address search tool. https://github.com/sgayou/rbasefind
redress v0.8.0.alpha4.r6.g28a8814 A tool for analyzing stripped Go binaries. https://github.com/goretk/redress
saruman 2.4be8db5 ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). https://github.com/elfmaster/saruman
sgn 36.f54fa65 Shikata ga nai encoder ported into go with several improvements. https://github.com/EgeBalci/sgn
soot 3.4.0 A Java Bytecode Analysis and Transformation Framework. http://www.sable.mcgill.ca/soot
strace 6.7 A diagnostic, debugging and instructional userspace tracer https://strace.io/
stringsifter 31.342dfcc Machine learning tool that automatically ranks strings based on their relevance for malware analysis. https://github.com/fireeye/stringsifter
swftools 0.9.2 A collection of SWF manipulation and creation utilities. http://www.swftools.org/
triton 4164.924bcbb2 A Dynamic Binary Analysis (DBA) framework. https://github.com/JonathanSalwan/Triton
upx 4.2.2 Extendable, high-performance executable packer for several executable formats https://github.com/upx/upx
valgrind 3.22.0 Tool to help find memory-management problems in programs https://valgrind.org/
veles 637.e65de5a New open source tool for binary data analysis. https://codisec.com/veles/
wcc 83.8254480 The Witchcraft Compiler Collection. https://github.com/endrazine/wcc
wxhexeditor 733.f439d8f A free hex editor / disk editor for Linux, Windows and MacOSX. http://wxhexeditor.sourceforge.net/
zelos 272.506554d A comprehensive binary emulation and instrumentation platform. https://github.com/zeropointdynamics/zelos