Packages that operate on binaries in some form.
Tool count: 65
Name | Version | Description | Homepage |
---|---|---|---|
amber | 256.f6eb2dc | Reflective PE packer. | https://github.com/EgeBalci/Amber |
amoco | v2.9.11.r2.gf1182a5 | Yet another tool for analysing binaries. | https://github.com/bdcht/amoco |
androguard | 3.3.5 | Reverse engineering, Malware and goodware analysis of Android applications and more. | https://github.com/androguard/androguard |
angr | 9.1.11752 | The next-generation binary analysis platform from UC Santa Barbara's Seclab. | https://pypi.org/project/angr/#files |
angr-management | 9.1.11752 | This is the GUI for angr. | https://pypi.org/project/angr-management/#files |
angr-py2 | 7.8.9.26 | The next-generation binary analysis platform from UC Santa Barbara's Seclab. | https://pypi.org/project/angr/#files |
avet | 559.d561ee3 | AntiVirus Evasion Tool. | https://github.com/govolution/avet |
barf | 923.9547ef8 | A multiplatform open source Binary Analysis and Reverse engineering Framework. | https://github.com/programa-stic/barf-project |
bgrep | 24.28029c9 | Binary grep. | https://github.com/tmbinc/bgrep |
binaryninja-python | 13.83f59f7 | Binary Ninja prototype written in Python. | https://github.com/Vector35/binaryninja-python |
bindead | 4504.67019b97b | A static analysis tool for binaries | https://bitbucket.org/mihaila/bindead |
bindiff | 6.0.0 | A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. | http://www.zynamics.com/bindiff.html |
binflow | 5.7fb02a9 | POSIX function tracing. Much better and faster than ftrace. | https://github.com/elfmaster/binflow |
binwally | 4.0aabd8b | Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). | https://github.com/bmaia/binwally |
bsdiff | 4.3 | Tools for building and applying patches to binary files. | https://www.daemonology.net/bsdiff/ |
bvi | 1.4.2 | A display-oriented editor for binary files that operates like the "vi" editor. | http://bvi.sourceforge.net/ |
bytecode-viewer | 2.12 | A Java 8/Android APK Reverse Engineering Suite. | https://github.com/Konloch/bytecode-viewer |
cminer | 25.d766f7e | A tool for enumerating the code caves in PE files. | https://github.com/EgeBalci/Cminer/ |
cpp2il | 2022.0.7.r17.g20ccab2 | A tool to reverse Unity's IL2CPP toolchain. | https://github.com/SamboyCoding/Cpp2IL |
detect-it-easy | 3.10 | A program for determining types of files. | https://github.com/horsicq/DIE-engine/releases |
dissector | 1 | This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. | http://packetstormsecurity.com/files/125972/Coloured-ELF-File-Dissector.html |
dutas | 10.37fa3ab | Analyze PE files or shellcode. | https://github.com/dungtv543/Dutas |
dwarf | 1084.fd859ae | Full featured multi arch/os debugger built on top of PyQt5 and frida. | https://github.com/iGio90/Dwarf |
dynamorio | 9.0.19046 | A dynamic binary instrumentation framework. | https://github.com/DynamoRIO/dynamorio |
ecfs | 305.1758063 | Extended core file snapshot format. | https://github.com/elfmaster/ecfs |
elfparser | 7.39d21ca | Cross Platform ELF analysis. | https://github.com/jacob-baines/elfparser |
eresi | 1291.4769c175 | The ERESI Reverse Engineering Software Interface. | https://github.com/thorkill/eresi |
exescan | 1.ad993e3 | A tool to detect anomalies in PE (Portable Executable) files. | https://github.com/cysinfo/Exescan |
expimp-lookup | 4.79a96c7 | Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. | https://github.com/tr3w/ExpImp-Lookup |
expose | 1110.30264af | A Dynamic Symbolic Execution (DSE) engine for JavaScript | https://github.com/ExpoSEJS/ExpoSE |
haystack | 1823.c178b5a | A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. | https://github.com/trolldbois/python-haystack |
hercules-payload | 222.2607a3a | A special payload generator that can bypass all antivirus software. | https://github.com/EgeBalci/HERCULES |
hex2bin | 2.5 | Converts Motorola and Intel hex files to binary. | http://hex2bin.sourceforge.net/ |
imagejs | 56.a442f94 | Small tool to package javascript into a valid image file. | https://github.com/jklmnn/imagejs |
jpegdump | 0.0.7 | Tool to analyze JPEG images. Reads binary files and parses the JPEG markers inside them. | https://blog.didierstevens.com/2019/04/28/update-jpegdump-py-version-0-7/ |
klee | 2.1 | A symbolic virtual machine built on top of the LLVM compiler infrastructure. | https://github.com/klee/klee |
leena | 2.5119f56 | Symbolic execution engine for JavaScript | https://github.com/mmicu/leena |
loadlibrary | 104.c40033b | Porting Windows Dynamic Link Libraries to Linux. | https://github.com/taviso/loadlibrary |
manticore | 0.3.7.r73.g88610053 | Symbolic execution tool. | https://github.com/trailofbits/manticore |
metame | 14.8d583a0 | A simple metamorphic code engine for arbitrary executables. | https://github.com/a0rtega/metame |
objdump2shellcode | 28.c2d6120 | A tool I have found incredibly useful whenever creating custom shellcode. | https://github.com/wetw0rk/objdump2shellcode |
oledump | 0.0.77 | Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. | http://blog.didierstevens.com/programs/oledump-py/ |
packerid | 16.bc54e6d | Script which uses a PEiD database to identify which packer (if any) is being used by a binary. | https://github.com/sooshie/packerid |
patchkit | 37.95dc699 | Powerful binary patching from Python. | https://github.com/lunixbochs/patchkit |
pixd | 9.f49add4 | Colourful visualization tool for binary files. | https://github.com/FireyFly/pixd |
powerstager | 14.0149dc9 | A payload stager using PowerShell. | https://github.com/z0noxz/powerstager |
procdump | 63.5f23548 | Generate coredumps based off performance triggers. | https://github.com/Microsoft/ProcDump-for-Linux |
proctal | 482.67bf7e8 | Provides a command line interface and a C library to manipulate the address space of a running program on Linux. | https://github.com/daniel-araujo/proctal |
python-oletools | 0.60.2 | Tools to analyze Microsoft OLE2 files. | https://pypi.org/project/oletools/ |
python-peid | 2.2.1 | Python implementation of the Packed Executable iDentifier (PEiD). | |
python2-oletools | 0.60.2 | Tools to analyze Microsoft OLE2 files. | https://pypi.org/project/oletools/ |
qbdi | v0.11.0.r29.g56c0dec | A Dynamic Binary Instrumentation framework based on LLVM. | https://github.com/QBDI/QBDI |
quickscope | 517.72b9e66 | Statically analyze Windows, Linux and OSX executables, and also APK files. | https://github.com/CYB3RMX/Qu1cksc0pe |
rbasefind | 41.a661118 | A firmware base address search tool. | https://github.com/sgayou/rbasefind |
redress | v1.2.2.r0.gfe38d96 | A tool for analyzing stripped Go binaries. | https://github.com/goretk/redress |
saruman | 2.4be8db5 | ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). | https://github.com/elfmaster/saruman |
sgn | 36.f54fa65 | Shikata ga nai encoder ported to Go with several improvements. | https://github.com/EgeBalci/sgn |
soot | 3.4.0 | A Java Bytecode Analysis and Transformation Framework. | http://www.sable.mcgill.ca/soot |
stringsifter | 39.33c0cd5 | Machine learning tool that automatically ranks strings based on their relevance for malware analysis. | https://github.com/fireeye/stringsifter |
swftools | 0.9.2 | A collection of SWF manipulation and creation utilities. | http://www.swftools.org/ |
triton | 4256.b022f317 | A Dynamic Binary Analysis (DBA) framework. | https://github.com/JonathanSalwan/Triton |
veles | 637.e65de5a | New open source tool for binary data analysis. | https://codisec.com/veles/ |
wcc | 99.08f67cd | The Witchcraft Compiler Collection. | https://github.com/endrazine/wcc |
wxhexeditor | 733.f439d8f | A free hex editor / disk editor for Linux, Windows and MacOSX. | http://wxhexeditor.sourceforge.net/ |
zelos | 272.506554d | A comprehensive binary emulation and instrumentation platform. | https://github.com/zeropointdynamics/zelos |