GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → lief-project → Lief

lief-project / Lief

Licence: apache-2.0
Authors

Programming Languages

python
139335 projects - #7 most used programming language
C++
36643 projects - #6 most used programming language
CMake
9771 projects
SourcePawn
201 projects
c
50402 projects - #5 most used programming language
shell
77523 projects

Labels

androidsdkparserreverse-engineeringparsingmalware-analysisartbinary-analysiselfdexpemachooatmodificationexecutable-formatsliefvdex

Projects that are alternatives of or similar to Lief

Detect It Easy
Program for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+9.23%)
Mutual labels:  elf, binary-analysis, malware-analysis, reverse-engineering, macho
Goblin
An impish, cross-platform binary parsing crate, written in Rust
Stars: ✭ 591 (-78.35%)
Mutual labels:  elf, pe, binary-analysis, reverse-engineering
E9patch
A powerful static binary rewriting tool
Stars: ✭ 317 (-88.39%)
Mutual labels:  elf, binary-analysis, reverse-engineering
Idenlib
idenLib - Library Function Identification [This project is not maintained anymore]
Stars: ✭ 322 (-88.21%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
Pev
The PE file analysis toolkit
Stars: ✭ 422 (-84.54%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
HatVenom
HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-96.92%)
Mutual labels:  elf, macho, pe
Freki
🐺 Malware analysis platform
Stars: ✭ 285 (-89.56%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
Sec skills
软件安全工程师技能表
Stars: ✭ 410 (-84.98%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
The Backdoor Factory
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Stars: ✭ 2,904 (+6.37%)
Mutual labels:  elf, pe, macho
Die Engine
DIE engine
Stars: ✭ 648 (-76.26%)
Mutual labels:  elf, binary-analysis, reverse-engineering
odex-patcher
Run arbitrary code by patching OAT files
Stars: ✭ 44 (-98.39%)
Mutual labels:  art, oat, vdex
Redasm
The OpenSource Disassembler
Stars: ✭ 1,042 (-61.83%)
Mutual labels:  dex, binary-analysis, reverse-engineering
kar98k public
pwn & ctf tools for windows
Stars: ✭ 24 (-99.12%)
Mutual labels:  malware-analysis, binary-analysis, pe
Macbook
《macOS软件安全与逆向分析》随书源码
Stars: ✭ 302 (-88.94%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
checksec.rs
Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
Stars: ✭ 71 (-97.4%)
Mutual labels:  elf, macho, pe
Dex Oracle
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Stars: ✭ 398 (-85.42%)
Mutual labels:  dex, malware-analysis, reverse-engineering
Radare2
UNIX-like reverse engineering framework and command-line toolset
Stars: ✭ 15,412 (+464.54%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
Drsemu
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
Stars: ✭ 237 (-91.32%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
Dissection
The dissection of a simple "hello world" ELF binary.
Stars: ✭ 427 (-84.36%)
Mutual labels:  elf, pe, binary-analysis
Macbook issues
《macOS软件安全与逆向分析》勘误
Stars: ✭ 11 (-99.6%)
Mutual labels:  binary-analysis, malware-analysis, reverse-engineering
View All Similar Projects ➔


  Linux x86-64 CI status   Linux AArch64 CI status   Android CI status   macOS CI status   iOS CI status   Windows CI status     Twitter Follow

About

The purpose of this project is to provide a cross platform library which can parse, modify and abstract ELF, PE and MachO formats.

Main features:

  • Parsing: LIEF can parse ELF, PE, MachO, OAT, DEX, VDEX, ART and provides an user-friendly API to access to format internals.
  • Modify: LIEF enables to modify some parts of these formats
  • Abstract: Three formats have common features like sections, symbols, entry point... LIEF factors them.
  • API: LIEF can be used in C, C++ and Python

Content

Downloads / Install

First, make sure to have an updated version of setuptools:

pip install setuptools --upgrade

To install the latest version (release):

pip install lief

To install nightlty build:

pip install [--user] --index-url https://lief.quarkslab.com/packages lief==0.12.0.dev0

Packages

Here are guides to install or integrate LIEF:

Getting started

Python

import lief

# ELF
binary = lief.parse("/usr/bin/ls")
print(binary)

# PE
binary = lief.parse("C:\\Windows\\explorer.exe")
print(binary)

# Mach-O
binary = lief.parse("/usr/bin/ls")
print(binary)

C++

#include <LIEF/LIEF.hpp>

int main(int argc, char** argv) {
  // ELF
  try {
    std::unique_ptr<LIEF::ELF::Binary> elf = LIEF::ELF::Parser::parse("/bin/ls");
    std::cout << *elf << std::endl;
  } catch (const LIEF::exception& err) {
    std::cerr << err.what() << std::endl;
  }

  // PE
  try {
    std::unique_ptr<LIEF::PE::Binary> pe = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe");
    std::cout << *pe << std::endl;
  } catch (const LIEF::exception& err) {
    std::cerr << err.what() << std::endl;
  }

  // Mach-O
  try {
    std::unique_ptr<LIEF::MachO::FatBinary> macho = LIEF::MachO::Parser::parse("/bin/ls");
    std::cout << *macho << std::endl;
  } catch (const LIEF::exception& err) {
    std::cerr << err.what() << std::endl;
  }

  return 0;
}

C (Limited API)

#include <LIEF/LIEF.h>

int main(int argc, char** argv) {
  Elf_Binary_t* elf = elf_parse("/usr/bin/ls");

  Elf_Section_t** sections = elf->sections;

  for (size_t i = 0; sections[i] != NULL; ++i) {
    printf("%s\n", sections[i]->name);
  }

  elf_binary_destroy(elf);
  return 0;
}

Documentation

Contact

About

Authors

Romain Thomas (@rh0main) - Quarkslab

License

LIEF is provided under the Apache 2.0 license.

Bibtex

@MISC {LIEF,
  author       = "Romain Thomas",
  title        = "LIEF - Library to Instrument Executable Formats",
  howpublished = "https://lief.quarkslab.com/",
  month        = "April",
  year         = "2017",
}
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].