GitHub topics: binary-analysis

Repositories

zeropointdynamics/zelos

A comprehensive binary emulation and instrumentation platform.

Language: Python - Size: 23.2 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 412 - Forks: 50

weizhenye/binpat

Parse binary data using declarative patterns.

Language: TypeScript - Size: 24.4 KB - Last synced at: 14 days ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

fmagin/angr-cli

Repo for various angr ipython features to give it more of a cli feeling

Language: Python - Size: 13.9 MB - Last synced at: 29 days ago - Pushed at: 5 months ago - Stars: 56 - Forks: 4

fugue-re/fugue-core

A binary analysis framework written in Rust.

Language: Rust - Size: 1.81 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 169 - Forks: 8

packing-box/reminder

Implementation of the packing detection heuristic from the paper "Packed PE File Detection for Malware Forensics" of Han et al.

Language: Python - Size: 85 KB - Last synced at: 15 days ago - Pushed at: 7 months ago - Stars: 3 - Forks: 0

This project is an implement of a paper about adversarial example and malware detector, we train a CNN model to detect if a pe-file is a malware or benign-ware. We also create a user interface for testing, which allow us to upload files and it will show the detected results.

Language: HTML - Size: 4.36 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

packing-box/peid

Python implementation of the Packed Executable iDentifier (PEiD)

Language: Python - Size: 1.29 MB - Last synced at: 7 days ago - Pushed at: about 1 year ago - Stars: 139 - Forks: 15

te4gh0st/Miflare-Dump-Analyse-Tool

🔍 A command-line tool for analyzing, comparing, and manipulating MIFARE Classic 1K/4K card dumps — with multilingual support and detailed bit-level parsing.

Language: Python - Size: 101 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

IzeLeam/elf_loader

A low-level Linux loader for encrypted shared libraries. Supports in-memory decryption using XOR, custom ELF parsing, PLT/GOT resolution, and full execution without leaving traces on disk. Built to demonstrate runtime obfuscation, binary manipulation, and advanced dynamic linking.

Language: C - Size: 67.4 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

ispras/juliet-dynamic

Juliet C/C++ Dynamic Test Suite

Size: 38.7 MB - Last synced at: 12 days ago - Pushed at: about 2 years ago - Stars: 29 - Forks: 7

mewmew/dissection

The dissection of a simple "hello world" ELF binary.

Language: Assembly - Size: 303 KB - Last synced at: 29 days ago - Pushed at: over 4 years ago - Stars: 463 - Forks: 39

cristianzsh/forensictools

Collection of forensic tools

Language: Inno Setup - Size: 257 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 619 - Forks: 66

ex0dus-0x/fuzzable

Framework for Automating Fuzzable Target Discovery with Static Analysis.

Language: Python - Size: 1.44 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 532 - Forks: 53

FSecureLABS/z3_and_angr_binary_analysis_workshop

Code and exercises for a workshop on z3 and angr

Language: Python - Size: 1.45 MB - Last synced at: about 1 month ago - Pushed at: over 4 years ago - Stars: 227 - Forks: 39

dasuos/AnvilELF

AnvilELF is a purist object-oriented tool for ELF binary parsing, inspection, and modification ⚒️🔥

Language: Python - Size: 646 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

ayoubfaouzi/binary-auditing-solutions

Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.

Size: 23.9 MB - Last synced at: 1 day ago - Pushed at: over 4 years ago - Stars: 81 - Forks: 40

McGill-DMaS/Kam1n0-Community

The Kam1n0 Assembly Analysis Platform

Language: C - Size: 463 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 626 - Forks: 128

nhuhuan/sba

Static Binary Analysis Platform

Language: C++ - Size: 18.1 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 22 - Forks: 1

mfaerevaag/elfinjector

Code injector for ELF binaries (incl. PIE)

Language: C - Size: 26.4 KB - Last synced at: 4 days ago - Pushed at: almost 8 years ago - Stars: 27 - Forks: 7

philzook58/pcode2c

Convert low ghidra pcode to verifiable C

Language: Jupyter Notebook - Size: 1.59 MB - Last synced at: about 2 months ago - Pushed at: 9 months ago - Stars: 22 - Forks: 2

WPeace-HcH/WPeChatGPT

A plugin for IDA that can help to analyze binary file, it can be based on commonly used AI big models such as OpenAI and DeepSeek.

Language: Python - Size: 2.82 MB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 1,144 - Forks: 181

thetacom/hexabyte

A modern, modular, and robust TUI hex editor.

Language: Python - Size: 12 MB - Last synced at: 30 days ago - Pushed at: over 1 year ago - Stars: 274 - Forks: 5

mohitmishra786/underTheHoodOfExecutables

A guide that explains how programs transform from source code to executables. Deep dive into ELF format, linking processes, and binary optimization techniques. Perfect for systems programmers, C developers, and anyone interested in low-level programming concepts.

Language: HTML - Size: 592 KB - Last synced at: about 2 months ago - Pushed at: 7 months ago - Stars: 328 - Forks: 36

packing-box/dataset-packed-pe Fork of chesvectain/PackingData

Dataset of packed PE samples

Language: Python - Size: 1.26 GB - Last synced at: about 2 months ago - Pushed at: 12 months ago - Stars: 34 - Forks: 7

GJDuck/e9patch

A powerful static binary rewriting tool

Language: C - Size: 2.13 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1,016 - Forks: 67

packing-box/pypackerdetect Fork of cylance/PyPackerDetect

Packing detection tool for PE files

Language: Python - Size: 424 KB - Last synced at: 12 days ago - Pushed at: 7 months ago - Stars: 24 - Forks: 3

cdong1012/ollvm-unflattener

Obfuscator-llvm Control Flow Flattening Deobfuscator

Language: Python - Size: 290 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 105 - Forks: 14

carbonblack/binee

Binee: binary emulation environment

Language: Go - Size: 28.2 MB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 516 - Forks: 74

maskelihileci/IDA_Ollvm-unflattener

Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.

Language: Python - Size: 33.2 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 8 - Forks: 0

ucsb-seclab/greed

A symbolic execution engine for EVM smart contract binaries.

Language: Python - Size: 10.1 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 104 - Forks: 16

K2/Scripting

PS / Bash / Python / Other scripts For FUN!

Language: PowerShell - Size: 1.38 MB - Last synced at: 2 months ago - Pushed at: 4 months ago - Stars: 55 - Forks: 6

JonathanSalwan/PinTools

Pintool example and PoC for dynamic binary analysis

Language: C++ - Size: 1.99 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 588 - Forks: 155

Colton1skees/WinTTD

Reverse engineered API for Microsoft's Time Travel Debugger

Language: C++ - Size: 753 KB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 34 - Forks: 7

GaloisInc/pate

Patches Assured up to Trace Equivalence

Language: Haskell - Size: 19.5 MB - Last synced at: 17 days ago - Pushed at: 3 months ago - Stars: 16 - Forks: 3

adrianherrera/binaryninja-gtirb

Support for the GrammaTech Intermediate Representation for Binaries (GTIRB) format in Binary Ninja

Language: Python - Size: 220 KB - Last synced at: 2 months ago - Pushed at: 8 months ago - Stars: 5 - Forks: 0

packing-box/bintropy

Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

Language: Python - Size: 334 KB - Last synced at: 17 days ago - Pushed at: 7 months ago - Stars: 47 - Forks: 4

SoftSec-KAIST/Reassessor

Reassembly is Hard: A Reflection on Challenges and Strategies (USENIX Security '23)

Language: Python - Size: 374 KB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 33 - Forks: 1

sdasgup3/binary-decompilation

Extracting high level semantic information from binary code

Language: Assembly - Size: 244 MB - Last synced at: 2 months ago - Pushed at: about 6 years ago - Stars: 65 - Forks: 8

jaybosamiya/security-notes

:notebook: Some security related notes

Size: 21.5 KB - Last synced at: 3 months ago - Pushed at: almost 8 years ago - Stars: 460 - Forks: 41

mahmoudimus/ida-pysigmaker

IDA Pro 9.0+ cross-platform port of @A200K's IDA-Pro-SigMaker to Python

Language: Python - Size: 60.5 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 32 - Forks: 7

br0kej/bin2ml

A command line tool for extracting machine learning ready data from software binaries powered by Radare2

Language: Rust - Size: 1.61 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 69 - Forks: 5

TheQmaks/soSaver-frida

TypeScript Frida agent for extracting shared libraries (.so) from Android apps. Features memory scanning, hooking dlopen, and modular architecture. Part of the soSaver project.

Language: TypeScript - Size: 14.6 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

ucsb-seclab/BootStomp

BootStomp: a bootloader vulnerability finder

Language: Python - Size: 3.58 MB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 396 - Forks: 67

dc401/dynamic-instrumentation

Binary patching examples tutorial with dynamic instrumentation and traditional methods with a debugger.

Language: JavaScript - Size: 4.72 MB - Last synced at: 4 days ago - Pushed at: about 3 years ago - Stars: 4 - Forks: 0

rodrigocfd/binary-file-diff

Drag two binary files into the page, and compare them side by side.

Language: JavaScript - Size: 57.6 KB - Last synced at: 2 months ago - Pushed at: over 4 years ago - Stars: 9 - Forks: 1

We5ter/Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Size: 7.08 MB - Last synced at: 3 months ago - Pushed at: 7 months ago - Stars: 8,427 - Forks: 2,383

SoftSec-KAIST/NTFuzz

NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)

Language: F# - Size: 7.92 MB - Last synced at: 2 months ago - Pushed at: over 3 years ago - Stars: 102 - Forks: 23

seekbytes/MicroSCOPE

Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis

Language: Go - Size: 230 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 16 - Forks: 3

kaykycampos/gta-benchmark

GTA (Guess The Algorithm) Benchmark - A tool for testing AI reasoning capabilities

Size: 1.95 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 8 - Forks: 0

B2R2-org/FunSeeker

FunSeeker: Binary Function Identification Tool

Language: F# - Size: 42 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 25 - Forks: 1

GrammaTech/gtirb-pprinter

Pretty printer from GTIRB to assembly code

Language: C++ - Size: 5.11 MB - Last synced at: 2 days ago - Pushed at: 3 months ago - Stars: 48 - Forks: 10

0xk1h0/Replica3

Ghidra Analysis Enhancer 🐉 Python3 version.

Language: Python - Size: 2.17 MB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 8 - Forks: 1

taviso/kiewtai

A port of Kaitai to the Hiew hex editor

Language: C - Size: 3.86 MB - Last synced at: 3 months ago - Pushed at: about 5 years ago - Stars: 148 - Forks: 13

quarkslab/binbloom

Raw binary firmware analysis software

Language: C - Size: 171 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 521 - Forks: 57

Xenios91/Glyph

An architecture independent binary analysis tool for fingerprinting functions through NLP

Language: Python - Size: 157 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 12 - Forks: 2

ziansu/codeart

Official repo for FSE'24 paper "CodeArt: Better Code Models by Attention Regularization When Symbols Are Lacking"

Language: Python - Size: 457 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 16 - Forks: 2

nihatxp/Forensic-File-Analyzer

Fotoğrafın daha önce kırpıldığına, döndürüldüğüne, hash değerlerine ve benzeri onlarca meta veriye erişin.

Language: PHP - Size: 825 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

hanilr/variation-bin

Single-header binary analysis library. Written in ansi-c

Language: C - Size: 79.1 KB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

Bayu1008/Flare

A modern, lightning-fast file sharing platform built for self-hosting. Created with support for ShareX, Flameshot, and easy to set up.

Language: TypeScript - Size: 329 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

telepath9000/elf-packer

Encrypts 64-bit elf files that decrypt at runtime.

Language: C - Size: 32.2 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 31 - Forks: 6

c3rb3ru5d3d53c/binlex

A Binary Genetic Traits Lexer Framework

Language: Rust - Size: 17.8 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 487 - Forks: 54

grantseltzer/go-disass

A suite of tools for disassembly, ROP, and binary analysis written in Go

Language: Go - Size: 3.33 MB - Last synced at: 20 days ago - Pushed at: over 2 years ago - Stars: 47 - Forks: 7

kth-step/HolBA

Binary analysis in HOL

Language: Standard ML - Size: 8.28 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 35 - Forks: 21

packing-box/dataset-packed-elf

Dataset of packed ELF samples

Size: 481 MB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 19 - Forks: 1

reb311ion/replica

Ghidra Analysis Enhancer 🐉

Language: Python - Size: 2.66 MB - Last synced at: 3 months ago - Pushed at: about 5 years ago - Stars: 295 - Forks: 30

drvink/epanos

ElectroPaint Automatic No-source Object reaSsembler (a MIPS to C decompiler)

Language: C - Size: 332 KB - Last synced at: 6 days ago - Pushed at: about 11 years ago - Stars: 71 - Forks: 11

packing-box/python-exeplot

Library for plotting executable samples supporting multiple formats

Language: Python - Size: 690 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

audibleblink/ino

In 'n Out - See what goes in and comes out of PEs

Language: Go - Size: 88.9 KB - Last synced at: 2 months ago - Pushed at: about 3 years ago - Stars: 34 - Forks: 2

seekbytes/insPEctor

An experimental disassembler for PE executable file (x86_64)

Language: Rust - Size: 32.2 KB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 6 - Forks: 0

BetterWayElectronics/bwe-ps4-nor-comparator

PS4 NOR Comparison Tool. Designed to take the input of multiple dumps and compare selected areas. Can even calculate dynamic offsets (where a header determines file size) and calculate the entropy of specific areas.

Language: Perl - Size: 204 KB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 13 - Forks: 0

ROF13ThFloor/ELFInspect

ELFInspect is a binary analysis tool for ELF files, offering features such as ELF header parsing, disassembly, control flow graph generation, and syscall pattern detection.

Language: Python - Size: 1.41 MB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 6 - Forks: 1

binsec/Rel

Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.

Language: OCaml - Size: 1.01 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 33 - Forks: 2

horde-re/horde

Suite of binary analysis tools for reverse engineering made in Rust with Python bindings.

Language: Rust - Size: 1.46 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 1 - Forks: 0

jmcph4/crackerjack

A collection of crackmes

Language: C - Size: 10.7 KB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 40 - Forks: 14

Chaoses-Ib/BinaryAnalysis

Language: C - Size: 757 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 4 - Forks: 0

Chaoses-Ib/library-signatures

Binary signatures of some libraries.

Size: 64.4 MB - Last synced at: 3 months ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 0

JonathanSalwan/X-Tunnel-Opaque-Predicates

IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE. Example with X-Tunnel.

Language: Python - Size: 83 KB - Last synced at: 3 months ago - Pushed at: almost 6 years ago - Stars: 52 - Forks: 16

kallenosf/minimal-debugger

A lightweight debugger designed to demonstrate the inner workings of debugging tools using the ptrace syscall.

Language: C - Size: 36.1 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

beehive-lab/mambo

A low-overhead dynamic binary instrumentation and modification tool for ARM (both AArch32 and AArch64 support) and RISC-V (RV64GC).

Language: C - Size: 3.31 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 325 - Forks: 68

A200K/IDA-Pro-SigMaker

Signature maker plugin for IDA 8.x and 9.x

Language: C++ - Size: 66.4 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 363 - Forks: 65

johnbntn/dat

Binary Analysis Framework for Datalog

Language: OCaml - Size: 7.43 MB - Last synced at: 4 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

malsearchs/Static-Reverse-Engineering-SRE

SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool

Language: Python - Size: 996 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 51 - Forks: 8

egibs/rsd 📦

Rust implemention of xxd -e -l 64

Language: Rust - Size: 217 KB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 1

Xenios91/Byte-Chomp

A Golang tool for obtaining data on Golang binaries in csv format

Language: Go - Size: 900 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 1

thebabush/nampa

Nampa - FLIRT for (binary) ninjas

Language: Python - Size: 86.9 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 90 - Forks: 17

Macmod/malkom

Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.

Language: Python - Size: 7.01 MB - Last synced at: 3 months ago - Pushed at: about 2 years ago - Stars: 16 - Forks: 2

jrdpteam/gH

gH - Tiny Bytecode Analyzing Framework

Language: Python - Size: 16.6 KB - Last synced at: 4 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

jovibor/libpe

Library for parsing internal structures of PE32/PE32+ binary files.

Language: C++ - Size: 397 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 160 - Forks: 36

saferwall/pe

A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

Language: Go - Size: 28.6 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 321 - Forks: 48