Packages that operate on binary files in some form.
Tool count: 147
| Name | Version | Description | Category | Website |
|---|---|---|---|---|
| afl | 2.57b | Security-oriented fuzzer using compile-time instrumentation and genetic algorithms | fuzzer binary | |
| amber | 256.f6eb2dc | Reflective PE packer. | binary packer windows | |
| amoco | 1:v2.4.1.r316.gf4081db | Yet another tool for analysing binaries. | binary reversing | |
| analyzepesig | 0.0.0.5 | Analyze digital signature of PE file. | windows binary forensic | |
| androguard | 3:3.3.5 | Reverse engineering, Malware and goodware analysis of Android applications and more. | binary disassembler malware | |
| angr | 1:9.1.11752 | The next-generation binary analysis platform from UC Santa Barbara's Seclab. | binary disassembler reversing | |
| angr-management | 9.1.11752 | This is the GUI for angr. | binary disassembler reversing | |
| angr-py2 | 1:7.8.9.26 | The next-generation binary analysis platform from UC Santa Barbaras Seclab. | binary disassembler reversing | |
| avet | 133.2f1d882 | AntiVirus Evasion Tool | binary backdoor automation | |
| backdoor-factory | 1:210.0c53045 | Patch win32/64 binaries with shellcode. | backdoor binary | |
| bagbak | 295.bab0de9 | Yet another frida based App decryptor. | mobile reversing binary | |
| barf | 923.9547ef8 | A multiplatform open source Binary Analysis and Reverse engineering Framework. | binary reversing | |
| bdfproxy | 107.276c367 | Patch Binaries via MITM: BackdoorFactory + mitmProxy | proxy binary | |
| bgrep | 24.28029c9 | Binary grep. | binary | |
| binaryninja-demo | 4.0.4958 | A new kind of reversing platform (demo version). | reversing binary | |
| binaryninja-python | 13.83f59f7 | Binary Ninja prototype written in Python. | binary | |
| bindead | 4504.67019b97b | A static analysis tool for binaries | binary debugger reversing | |
| bindiff | 6.0.0 | A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. | binary reversing | |
| binflow | 5.7fb02a9 | POSIX function tracing. Much better and faster than ftrace. | binary debugger | |
| binnavi | 6.1.0 | A binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code. | disassembler reversing binary | |
| binwalk | 2.3.4 | A tool for searching a given binary image for embedded files | disassembler firmware reversing binary | |
| binwally | 4.0aabd8b | Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). | binary | |
| bsdiff | 4.3 | bsdiff and bspatch are tools for building and applying patches to binary files. | reversing binary | |
| bvi | 1.4.1 | A display-oriented editor for binary files operate like "vi" editor. | binary misc | |
| bytecode-viewer | 1:2.11.2 | A Java 8/Android APK Reverse Engineering Suite. | binary reversing | |
| chipsec | 4:2069.10ed1329 | Framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. | hardware binary forensic scanner fuzzer | |
| cminer | 25.d766f7e | A tool for enumerating the code caves in PE files. | binary windows | |
| cpp2il | 1:2022.0.7.r17.g20ccab2 | A tool to reverse unity's IL2PP toolchain | binary reversing | |
| damm | 32.60e7ec7 | Differential Analysis of Malware in Memory. | malware binary reversing | |
| de4dot | 3.1.41592 | .NET deobfuscator and unpacker. | windows unpacker binary reversing | |
| detect-it-easy | 1:3.02 | A program for determining types of files. | binary reversing | |
| dexpatcher | 1.7.0 | Modify Android DEX/APK files at source-level using Java. | mobile binary | |
| dissector | 1 | This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. | binary | |
| dnspy | 6.1.8 | .NET debugger and assembly editor. | windows decompiler binary reversing | |
| dotpeek | 2021.3.3 | Free .NET Decompiler and Assembly Browser. | windows decompiler binary reversing | |
| dutas | 10.37fa3ab | Analysis PE file or Shellcode. | binary reversing | |
| dwarf | 1082.cdf85f4 | Full featured multi arch/os debugger built on top of PyQt5 and frida. | binary debugger disassembler exploitation mobile reversing | |
| dynamorio | 9.0.19046 | DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. | binary reversing | |
| ecfs | 305.1758063 | Extended core file snapshot format. | binary | |
| elfkickers | 3.2 | Collection of ELF utilities (includes sstrip) | binary | |
| elfparser | 7.39d21ca | Cross Platform ELF analysis. | binary | |
| elfutils | 0.191 | Utilities to handle ELF object files and DWARF debugging information. | binary | |
| eresi | 1291.4769c175 | The ERESI Reverse Engineering Software Interface. | binary reversing debugger disassembler | |
| evilize | 0.2 | Tool to create MD5 colliding binaries. | cracker binary crypto | |
| exe2image | 1.1 | A simple utility to convert EXE files to JPEG images and vice versa. | backdoor binary | |
| exescan | 1.ad993e3 | A tool to detect anomalies in PE (Portable Executable) files. | binary | |
| expimp-lookup | 4.79a96c7 | Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. | binary recon | |
| expose | 1110.30264af | A Dynamic Symbolic Execution (DSE) engine for JavaScript | binary reversing code-audit | |
| ffdec | 11.0.0 | Open source Flash SWF decompiler and editor. | decompiler binary misc | |
| frida-ios-dump | 53.56e99b2 | Pull decrypted ipa from jailbreak device. | mobilereversing binary | |
| frida-ipa-dump | 1:117.b9dcb91 | Yet another frida based iOS dumpdecrypted. | mobilereversing binary | |
| gadgetinspector | 6.ac7832d | A byte code analyzer for finding deserialization gadget chains in Java applications. | decompiler binary | |
| gdbgui | 1:437.be95217 | Browser-based gdb frontend using Flask and JavaScript to visually debug C, C++, Go, or Rust. | debugger binary | |
| haystack | 1823.c178b5a | A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. | binary forensic | |
| hercules-payload | 222.2607a3a | A special payload generator that can bypass all antivirus software. | binary windows backdoor | |
| hex2bin | 2.5 | Converts Motorola and Intel hex files to binary. | binary | |
| hollows-hunter | 0.3.9 | Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches). | windows malware binary | |
| hopper | 5.15.0 | Reverse engineering tool that lets you disassemble, decompile and debug your applications. | reversing disassembler decompiler binary | |
| hyperion-crypter | 2.3.1 | A runtime encrypter for 32-bit portable executables. | windows binary crypto | |
| ida-free | 8.3 | Freeware version of the world's smartest and most feature-full disassembler. | reversing disassembler decompiler binary | |
| imagejs | 56.a442f94 | Small tool to package javascript into a valid image file. | binary webapp | |
| jpegdump | 0.0.7 | Tool to analyzse JPEG images Reads binary files and parses the JPEG markers inside them. | binary forensic | |
| justdecompile | 22018 | The decompilation engine of JustDecompile. | windows decompiler binary reversing | |
| jwscan | 7.874b3a5 | Scanner for Jar to EXE wrapper like Launch4j, Exe4j, JSmooth, Jar2Exe. | reversing binary | |
| klee | 2.1 | A symbolic virtual machine built on top of the LLVM compiler infrastructure. | binary reversing debugger | |
| lazydroid | 25.0f559ec | Tool written as a bash script to facilitate some aspects of an Android Assessment | mobile automation binary | |
| ld-shatner | 4.5c215c4 | ld-linux code injector. | backdoor binary | |
| leena | 2.5119f56 | Symbolic execution engine for JavaScript | binary code-audit | |
| linux-inject | 100.268d4e4 | Tool for injecting a shared object into a Linux process. | backdoor binary | |
| loadlibrary | 104.c40033b | Porting Windows Dynamic Link Libraries to Linux. | binary | |
| ltrace | 0.7.3 | Tracks runtime library calls in dynamically linked programs | binary | |
| malscan | 5.773505a | A Simple PE File Heuristics Scanner. | malware binary | |
| manticore | 0.3.7.r73.g88610053 | Symbolic execution tool. | binary | |
| manul | 197.f525df9 | A coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS. | fuzzer binary | |
| melkor | 1.0 | An ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). | fuzzer binary | |
| metame | 14.8d583a0 | A simple metamorphic code engine for arbitrary executables. | binary | |
| mikrotik-npk | 11.d54e97c | Python tools for manipulating Mikrotik NPK format. | reversing binary networking packer unpacker | |
| ms-sys | 2.7.0 | A tool to write Win9x-.. master boot records (mbr) under linux - RTM! | backdoor binary forensic | |
| msvpwn | 1:65.328921b | Bypass Windows' authentication via binary patching. | windows binary backdoor | |
| objdump2shellcode | 28.c2d6120 | A tool I have found incredibly useful whenever creating custom shellcode. | binary misc | |
| objection | 1.11.0 | Instrumented Mobile Pentest Framework. | mobilereversing binary | |
| oledump | 0.0.75 | Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. | binary malware | |
| oletools | 1:0.54.1 | Tools to analyze Microsoft OLE2 files. | binary forensic | |
| origami | 2.1.0 | Aims at providing a scripting tool to generate and analyze malicious PDF files. | malware binary | |
| osslsigncode | 333.b967175 | A small tool that implements part of the functionality of the Microsoft tool signtool.exe. | windows binary automation | |
| packer | 1.10.3 | tool for creating identical machine images for multiple platforms from a single source configuration | binary | |
| packer-io | 1.2.4 | tool for creating identical machine images for multiple platforms from a single source configuration | binary | |
| packerid | 1.4 | Script which uses a PEiD database to identify which packer (if any) is being used by a binary. | binary packer reversing | |
| patchkit | 37.95dc699 | Powerful binary patching from Python. | binary backdoor | |
| pe-bear | 0.6.7.3 | A freeware reversing tool for PE files. | windows malware binary reversing disassembler | |
| pe-sieve | 0.3.9 | Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches). | windows malware binary | |
| peframe | 135.70683b6 | Tool to perform static analysis on (portable executable) malware. | malware binary reversing | |
| pepper | 18.9dfcade | An open source script to perform malware static analysis on Portable Executable. | malware reversing binary | |
| periscope | 3.2 | A PE file inspection tool. | windows forensic binary | |
| pextractor | 0.18b | A forensics tool that can extract all files from an executable file created by a joiner or similar. | windows forensic binary | |
| pin | 3.28.r98749 | A dynamic binary instrumentation tool. | automation binary reversing | |
| pintool | 24.d538a79 | This tool can be useful for solving some reversing challenges in CTFs events. | reversing binary | |
| pintool2 | 5.1c1af91 | Improved version of pintool. | reversing binary | |
| pixd | 9.f49add4 | Colourful visualization tool for binary files. | binary misc | |
| plasma | 922.ec7df9b | An interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax. | disassembler binary debugger | |
| plasma-disasm | 922.ec7df9b | An interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax. | disassembler binary debugger | |
| powerstager | 14.0149dc9 | A payload stager using PowerShell. | binary backdoor | |
| ppee | 1.12 | A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more details. | windows malware reversing binary | |
| procdump | 63.5f23548 | Generate coredumps based off performance triggers. | binary misc | |
| proctal | 482.67bf7e8 | Provides a command line interface and a C library to manipulate the address space of a running program on Linux. | binary misc | |
| python-frida | 15.2.2 | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. | reversing binary | |
| python-frida-tools | 11.0.0 | Frida CLI tools. | reversing binary mobile | |
| python-oletools | 1:0.60.1 | Tools to analyze Microsoft OLE2 files. | binary forensic | |
| python-peid | 1.2.9 | Python implementation of the Packed Executable iDentifier (PEiD). | binary reversing | |
| python-pwntools | 4.12.0 | CTF framework and exploit development library | disassembler reversing binary | |
| python2-frida | 15.2.2 | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. | reversing binary | |
| python2-frida-tools | 11.0.0 | Frida CLI tools. | reversing binary mobile | |
| python2-oletools | 1:0.60.1 | Tools to analyze Microsoft OLE2 files. | binary forensic | |
| quickscope | 437.a4e6427 | Statically analyze windows, linux, osx, executables and also APK files. | binary reversing | |
| radare2-keystone | 781.8a2c686 | Keystone assembler plugins for radare2. | disassembler binary reversing | |
| radare2-unicorn | 833.ccc7d46 | Unicorn Emulator Plugin for radare2. | disassembler binary reversing | |
| rbasefind | 41.a661118 | A firmware base address search tool. | binary | |
| recomposer | 2.90f85ed | Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites. | automation binary | |
| redress | v0.8.0.alpha4.r6.g28a8814 | A tool for analyzing stripped Go binaries. | binary reversing | |
| ropgadget | 7.4 | Lets you search your gadgets on your binaries (ELF format) to facilitate your ROP exploitation. | exploitation binary | |
| ropper | 1.13.8 | Show information about binary files and find gadgets to build rop chains for different architectures | exploitation binary | |
| rp | 138.3a54a7c | A full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. | exploitation binary | |
| saruman | 2.4be8db5 | ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). | binary backdoor anti-forensic | |
| sea | 103.9aca1c8 | A tool to help to create exploits of binary programs. | malware binary | |
| setowner | 1.1 | Allows you to set file ownership to any account, as long as you have the "Restore files and directories" user right. | windows binary | |
| sgn | 36.f54fa65 | Shikata ga nai encoder ported into go with several improvements. | binary | |
| sherlocked | 1.f190c2b | Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. | packer binary crypto backdoor | |
| smap | 24.3ed1ac7 | Shellcode mapper - Handy tool for shellcode analysis. | exploitation binary | |
| soot | 3.4.0 | A Java Bytecode Analysis and Transformation Framework. | binary | |
| strace | 6.8 | A diagnostic, debugging and instructional userspace tracer | binary | |
| stringsifter | 31.342dfcc | Machine learning tool that automatically ranks strings based on their relevance for malware analysis. | binary forensic | |
| swftools | 0.9.2 | A collection of SWF manipulation and creation utilities | binary reversing webapp | |
| syms2elf | 12.329c2ce | A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table. | reversing disassembler binary | |
| syringe | 12.79a703e | A General Purpose DLL & Code Injection Utility. | backdoor binary windows | |
| trid | 2.24 | An utility designed to identify file types from their binary signatures. | forensic binary | |
| triton | 1:4164.924bcbb2 | A Dynamic Binary Analysis (DBA) framework. | binary reversing | |
| truegaze | 117.c3f26bc | Static analysis tool for Android/iOS apps focusing on security issues outside the source code. | mobile binary | |
| unifuzzer | 5.3385a3b | A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer. | fuzzer binary | |
| unstrip | 13.05e00c2 | ELF Unstrip Tool. | disassembler binary | |
| upx | 4.2.3 | Ultimate executable compressor. | binary misc | |
| valgrind | 3.22.0 | A tool to help find memory-management problems in programs | binary code-audit | |
| veles | 1:637.e65de5a | New open source tool for binary data analysis. | binary reversing disassembler | |
| viper | 2099.fdd7855 | A Binary analysis framework. | disassembler binary malware | |
| volafox | 143.5b42987 | Mac OS X Memory Analysis Toolkit. | forensic binary | |
| wcc | 83.8254480 | The Witchcraft Compiler Collection. | binary misc | |
| wxhexeditor | 733.f439d8f | A free hex editor / disk editor for Linux, Windows and MacOSX. | binary misc | |
| zelos | 272.506554d | A comprehensive binary emulation and instrumentation platform. | binary |