Topic: "binary-analysis"
WerWolv/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Language: C++ - Size: 44 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 49,748 - Forks: 2,188

x64dbg/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Language: C++ - Size: 58.8 MB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 46,385 - Forks: 2,554

radareorg/radare2
UNIX-like reverse engineering framework and command-line toolset
Language: C - Size: 178 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 21,933 - Forks: 3,086

horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Language: JavaScript - Size: 17.7 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 8,960 - Forks: 819

We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners
Size: 7.08 MB - Last synced at: 4 months ago - Pushed at: 8 months ago - Stars: 8,427 - Forks: 2,383

mandiant/capa
The FLARE team's open-source tool to identify capabilities in executable files.
Language: Python - Size: 34.9 MB - Last synced at: 2 days ago - Pushed at: 22 days ago - Stars: 5,411 - Forks: 614

lief-project/LIEF
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
Language: C++ - Size: 91.4 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 4,946 - Forks: 669

JonathanSalwan/Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
Language: C++ - Size: 57.1 MB - Last synced at: 26 days ago - Pushed at: about 2 months ago - Stars: 3,777 - Forks: 550

trailofbits/manticore
Symbolic execution tool
Language: Python - Size: 43.5 MB - Last synced at: about 2 months ago - Pushed at: almost 2 years ago - Stars: 3,760 - Forks: 479

HyperDbg/HyperDbg
State-of-the-art native debugging tools
Language: C - Size: 43.1 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 3,335 - Forks: 424

e-m-b-a/emba
EMBA - The firmware security analyzer
Language: Shell - Size: 23.3 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 3,037 - Forks: 265

DynamoRIO/dynamorio
Dynamic Instrumentation Tool Platform
Language: C - Size: 117 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 2,855 - Forks: 587

horsicq/DIE-engine
DIE engine
Language: C++ - Size: 61.2 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 2,700 - Forks: 352

lifting-bits/mcsema 📦
Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode
Language: C++ - Size: 154 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 2,698 - Forks: 343

BinaryAnalysisPlatform/bap
Binary Analysis Platform
Language: OCaml - Size: 8.21 MB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 2,136 - Forks: 277

REDasmOrg/REDasm
The OpenSource Disassembler
Language: C++ - Size: 44.1 MB - Last synced at: about 2 months ago - Pushed at: 9 months ago - Stars: 1,646 - Forks: 145

KeenSecurityLab/BinAbsInspector
BinAbsInspector: Vulnerability Scanner for Binaries
Language: Java - Size: 779 KB - Last synced at: 5 days ago - Pushed at: about 1 year ago - Stars: 1,629 - Forks: 236

cmu-sei/pharos
Automated static analysis tools for binary programs
Language: C++ - Size: 45.7 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 1,614 - Forks: 197

attify/firmware-analysis-toolkit
Toolkit to emulate firmware and analyse it for security vulnerabilities
Language: Python - Size: 44.9 KB - Last synced at: about 2 months ago - Pushed at: 10 months ago - Stars: 1,430 - Forks: 272

programa-stic/barf-project
BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework
Language: Python - Size: 2.16 MB - Last synced at: 10 days ago - Pushed at: over 5 years ago - Stars: 1,421 - Forks: 168

packing-box/awesome-executable-packing
A curated list of awesome resources related to executable packing
Size: 365 KB - Last synced at: 8 days ago - Pushed at: 28 days ago - Stars: 1,369 - Forks: 116

m4b/goblin
An impish, cross-platform binary parsing crate, written in Rust
Language: Rust - Size: 3.2 MB - Last synced at: 3 days ago - Pushed at: 10 days ago - Stars: 1,311 - Forks: 171

KasperskyLab/hrtng
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
Language: C++ - Size: 105 MB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 1,258 - Forks: 123

fkie-cad/cwe_checker
cwe_checker finds vulnerable patterns in binary executables
Language: Rust - Size: 9.31 MB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 1,223 - Forks: 129

WPeace-HcH/WPeChatGPT
A plugin for IDA that can help to analyze binary files; it can be based on commonly used large AI models such as OpenAI and DeepSeek.
Language: Python - Size: 2.82 MB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 1,144 - Forks: 181

Vector35/binaryninja-api
Public API, examples, documentation and issues for Binary Ninja
Language: C++ - Size: 92.1 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1,058 - Forks: 245

GJDuck/e9patch
A powerful static binary rewriting tool
Language: C - Size: 2.13 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1,016 - Forks: 67

decaf-project/DECAF
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
Language: C - Size: 74.7 MB - Last synced at: 12 months ago - Pushed at: about 1 year ago - Stars: 794 - Forks: 169

dyninst/dyninst
DyninstAPI: Tools for binary instrumentation, analysis, and modification.
Language: C - Size: 204 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 789 - Forks: 163

mentebinaria/readpe
The PE file analysis toolkit
Language: C - Size: 2.37 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 731 - Forks: 138

secrary/Andromeda
Andromeda - Interactive Reverse Engineering Tool for Android Applications
Language: C++ - Size: 416 KB - Last synced at: 8 days ago - Pushed at: over 5 years ago - Stars: 709 - Forks: 74

GrammaTech/ddisasm
A fast and accurate disassembler
Language: C++ - Size: 29.1 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 708 - Forks: 62

McGill-DMaS/Kam1n0-Community
The Kam1n0 Assembly Analysis Platform
Language: C - Size: 463 MB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 626 - Forks: 128

cristianzsh/forensictools
Collection of forensic tools
Language: Inno Setup - Size: 257 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 619 - Forks: 66

dmendel/bindata
BinData - Reading and Writing Binary Data in Ruby
Language: Ruby - Size: 1.5 MB - Last synced at: 7 days ago - Pushed at: 3 months ago - Stars: 619 - Forks: 55

JonathanSalwan/PinTools
Pintool example and PoC for dynamic binary analysis
Language: C++ - Size: 1.99 MB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 588 - Forks: 155

falconre/falcon
Binary Analysis Framework in Rust
Language: Rust - Size: 2.23 MB - Last synced at: 12 days ago - Pushed at: over 1 year ago - Stars: 567 - Forks: 46

avatartwo/avatar2
Python core of avatar²
Language: Python - Size: 257 MB - Last synced at: 11 days ago - Pushed at: 4 months ago - Stars: 552 - Forks: 106

mohitmishra786/reversingBits
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse engineers, and low-level programmers.
Language: HTML - Size: 122 KB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 539 - Forks: 66

ex0dus-0x/fuzzable
Framework for Automating Fuzzable Target Discovery with Static Analysis.
Language: Python - Size: 1.44 MB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 532 - Forks: 53

quarkslab/binbloom
Raw binary firmware analysis software
Language: C - Size: 171 KB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 521 - Forks: 57

carbonblack/binee
Binee: binary emulation environment
Language: Go - Size: 28.2 MB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 516 - Forks: 74

c3rb3ru5d3d53c/binlex
A Binary Genetic Traits Lexer Framework
Language: Rust - Size: 17.8 MB - Last synced at: 7 days ago - Pushed at: 8 days ago - Stars: 496 - Forks: 54

feicong/sec_skills
Software security engineer skills chart
Size: 1 MB - Last synced at: 3 days ago - Pushed at: almost 8 years ago - Stars: 486 - Forks: 93

decomp/decomp
Components of a decompilation pipeline.
Language: Go - Size: 658 KB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 473 - Forks: 30

mewmew/dissection
The dissection of a simple "hello world" ELF binary.
Language: Assembly - Size: 303 KB - Last synced at: about 2 months ago - Pushed at: over 4 years ago - Stars: 463 - Forks: 39

jaybosamiya/security-notes
📓 Some security related notes
Size: 21.5 KB - Last synced at: about 1 hour ago - Pushed at: almost 8 years ago - Stars: 459 - Forks: 41

nikolaydubina/go-binsize-treemap
🔍 Go binary size SVG treemap
Language: Go - Size: 31.3 MB - Last synced at: about 2 months ago - Pushed at: 10 months ago - Stars: 451 - Forks: 15

cristianzsh/freki
🐺 Malware analysis platform
Language: YARA - Size: 13.8 MB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 442 - Forks: 56

B2R2-org/B2R2
B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.
Language: F# - Size: 15.7 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 432 - Forks: 64

zeropointdynamics/zelos
A comprehensive binary emulation and instrumentation platform.
Language: Python - Size: 23.2 MB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 412 - Forks: 50

ucsb-seclab/BootStomp
BootStomp: a bootloader vulnerability finder
Language: Python - Size: 3.58 MB - Last synced at: 4 months ago - Pushed at: over 3 years ago - Stars: 396 - Forks: 67

secrary/idenLib
idenLib - Library Function Identification [This project is not maintained anymore]
Language: C++ - Size: 79.1 KB - Last synced at: 6 days ago - Pushed at: over 6 years ago - Stars: 395 - Forks: 73

feicong/macbook
Companion source code for the book "macOS Software Security and Reverse Analysis"
Language: Objective-C - Size: 10.8 MB - Last synced at: 3 days ago - Pushed at: almost 8 years ago - Stars: 382 - Forks: 86

fkie-cad/friTap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
Language: JavaScript - Size: 33.3 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 364 - Forks: 34

A200K/IDA-Pro-SigMaker
Signature maker plugin for IDA 8.x and 9.x
Language: C++ - Size: 66.4 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 363 - Forks: 65

saferwall/pe
A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
Language: Go - Size: 28.6 MB - Last synced at: 14 days ago - Pushed at: about 1 month ago - Stars: 361 - Forks: 53

GrammaTech/gtirb
Intermediate Representation for Binary analysis and transformation
Language: C++ - Size: 21 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 340 - Forks: 36

mohitmishra786/underTheHoodOfExecutables
A guide that explains how programs transform from source code to executables. Deep dive into ELF format, linking processes, and binary optimization techniques. Perfect for systems programmers, C developers, and anyone interested in low-level programming concepts.
Language: HTML - Size: 592 KB - Last synced at: 2 months ago - Pushed at: 8 months ago - Stars: 328 - Forks: 36

beehive-lab/mambo
A low-overhead dynamic binary instrumentation and modification tool for ARM (both AArch32 and AArch64 support) and RISC-V (RV64GC).
Language: C - Size: 3.31 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 325 - Forks: 68

reb311ion/replica
Ghidra Analysis Enhancer 🐉
Language: Python - Size: 2.66 MB - Last synced at: 4 months ago - Pushed at: about 5 years ago - Stars: 295 - Forks: 30

CERTCC/kaiju Fork of cmu-sei/kaiju
CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is the primary, canonical repository for this project -- file bug reports and wishes here!
Language: Java - Size: 1.56 MB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 293 - Forks: 24

thetacom/hexabyte
A modern, modular, and robust TUI hex editor.
Language: Python - Size: 12 MB - Last synced at: 17 days ago - Pushed at: over 1 year ago - Stars: 277 - Forks: 5

secrary/DrSemu
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
Language: C++ - Size: 611 KB - Last synced at: 6 days ago - Pushed at: over 5 years ago - Stars: 273 - Forks: 62

mandiant/xrefer
FLARE Team's Binary Navigator
Language: Python - Size: 125 MB - Last synced at: 27 days ago - Pushed at: about 1 month ago - Stars: 264 - Forks: 25

StarCrossPortal/sleighcraft
sleigh craft!
Language: C++ - Size: 16.5 MB - Last synced at: 12 months ago - Pushed at: over 3 years ago - Stars: 246 - Forks: 18

FSecureLABS/z3_and_angr_binary_analysis_workshop
Code and exercises for a workshop on z3 and angr
Language: Python - Size: 1.45 MB - Last synced at: 2 months ago - Pushed at: over 4 years ago - Stars: 227 - Forks: 39

WPeace-HcH/SysNR-FuncFinder
A plugin for IDA that renames functions by system call numbers.
Language: Python - Size: 1.82 MB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 225 - Forks: 33

mebeim/systrack
📡🐧 Linux kernel syscall implementation tracker
Language: Python - Size: 2.66 MB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 214 - Forks: 13

extremecoders-re/re-list
A list of open source reverse engineering tools with a focus on binary analysis
Size: 101 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 207 - Forks: 23

Karmaz95/Snake_Apple
Articles and tools related to research in the Apple environment (mainly macOS).
Language: Python - Size: 51.5 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 201 - Forks: 22

fkie-cad/dewolf
A research decompiler implemented as a Binary Ninja plugin.
Language: Python - Size: 4.34 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 196 - Forks: 9

fugue-re/fugue-core
A binary analysis framework written in Rust.
Language: Rust - Size: 1.82 MB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 170 - Forks: 8

harlamism/IdaClu
IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.
Language: Python - Size: 431 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 167 - Forks: 17

Lancern/asm2vec
An unofficial implementation of asm2vec as a standalone python package
Language: Python - Size: 63.5 KB - Last synced at: 3 days ago - Pushed at: over 4 years ago - Stars: 165 - Forks: 36

jovibor/Pepper
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Language: C++ - Size: 2.2 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 162 - Forks: 36

jovibor/libpe
Library for parsing internal structures of PE32/PE32+ binary files.
Language: C++ - Size: 397 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 160 - Forks: 36

nirizr/rematch
REmatch, a complete binary diffing framework that is free and strives to be open source and community driven.
Language: Python - Size: 1.47 MB - Last synced at: 4 months ago - Pushed at: over 6 years ago - Stars: 154 - Forks: 22

lifting-bits/sleigh
Unofficial CMake build for Ghidra's C++ SLEIGH code
Language: CMake - Size: 717 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 153 - Forks: 21

SoftSec-KAIST/BinKit
Binary Code Similarity Analysis (BCSA) Benchmark
Language: Shell - Size: 105 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 152 - Forks: 27

taviso/kiewtai
A port of Kaitai to the Hiew hex editor
Language: C - Size: 3.86 MB - Last synced at: 3 months ago - Pushed at: about 5 years ago - Stars: 148 - Forks: 13

nsacyber/BAM
The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber
Language: Python - Size: 231 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 143 - Forks: 27

PREF/PREF
Portable Reverse Engineering Framework
Language: C++ - Size: 3.42 MB - Last synced at: over 1 year ago - Pushed at: about 8 years ago - Stars: 143 - Forks: 23

packing-box/peid
Python implementation of the Packed Executable iDentifier (PEiD)
Language: Python - Size: 1.29 MB - Last synced at: 29 days ago - Pushed at: about 1 year ago - Stars: 139 - Forks: 15

abenkhadra/bcov
Static instrumentation tool for efficient binary-level coverage analysis.
Language: C++ - Size: 446 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 137 - Forks: 8

8dcc/bin-graph
Visualize binary files
Language: C - Size: 309 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 132 - Forks: 3

trailofbits/sienna-locomotive 📦
A user-friendly fuzzing and crash triage tool for Windows
Language: C++ - Size: 8.96 MB - Last synced at: over 1 year ago - Pushed at: over 5 years ago - Stars: 130 - Forks: 24

cmu-sei/kaiju
CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- please file tickets, bug reports, or pull requests at the upstream home in @CERTCC: https://github.com/certcc/kaiju
Language: Java - Size: 1.54 MB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 129 - Forks: 34

SpriteOvO/sigmatch
✨ Modern C++ 20 signature match / search library
Language: C++ - Size: 51.8 KB - Last synced at: 8 days ago - Pushed at: 11 months ago - Stars: 127 - Forks: 19

SoftSec-KAIST/TikNib
Binary Code Similarity Analysis (BCSA) Tool
Language: Python - Size: 122 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 123 - Forks: 26

GaloisInc/grease
CLI tool, Ghidra plug-in, and Haskell library for analyzing binaries using under-constrained symbolic execution
Language: Haskell - Size: 1.61 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 119 - Forks: 7

csvl/SEMA
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.
Language: Python - Size: 1.42 GB - Last synced at: 12 days ago - Pushed at: 4 months ago - Stars: 115 - Forks: 23

Xuhpclab/DrCCTProf
DrCCTProf is a fine-grained call path profiling framework for binaries running on ARM and X86 architectures.
Language: C - Size: 2.37 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 115 - Forks: 37

user1342/Monocle
Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption logic, password strings, vulnerabilities, etc.
Language: Python - Size: 3.29 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 108 - Forks: 7

cdong1012/ollvm-unflattener
Obfuscator-llvm Control Flow Flattening Deobfuscator
Language: Python - Size: 290 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 105 - Forks: 14

M3rcuryLake/Nyxelf
Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.
Language: Python - Size: 14.9 MB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 105 - Forks: 6

ucsb-seclab/greed
A symbolic execution engine for EVM smart contract binaries.
Language: Python - Size: 10.1 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 104 - Forks: 16

SoftSec-KAIST/NTFuzz
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
Language: F# - Size: 7.92 MB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 102 - Forks: 23

walesey/binPipe
Language: C - Size: 1.41 MB - Last synced at: 7 days ago - Pushed at: almost 8 years ago - Stars: 97 - Forks: 3

thebabush/nampa
Nampa - FLIRT for (binary) ninjas
Language: Python - Size: 86.9 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 90 - Forks: 17
