4 Repos
Restoring corrupted binary file headers by analyzing the internal data layout of the file.
Distinct from File Header Identifiers: Focuses on repairing corrupted binary headers in memory rather than identifying database file header IDs.
Explore 4 awesome GitHub repositories matching data & databases · Binary Header Reconstruction. Refine with filters or upvote what's useful.
nghttp2 ist eine Suite von Low-Level-C-Bibliotheken und Tools für die Implementierung des HTTP/2-Protokolls. Sie bietet eine speichereffiziente Implementierung der Kernlogik des Protokolls, einschließlich Framing, Stream-Multiplexing und Flusskontrolle. Das Projekt enthält eine dedizierte Bibliothek für HPACK-Header-Kompression und -Dekompression zur Reduzierung der Netzwerkbandbreite. Zudem bietet es ein Toolset zur Analyse des Netzwerkverkehrs und zum Benchmarking der Serverleistung, einschließlich Messungen von Durchsatz und Latenz. Die breiteren Funktionen decken die Protokollimplementierung und das Traffic-Management ab, einschließlich ALPN-Verbindungsaushandlung, Anforderungspriorisierung und Validierung von Header-Komponenten. Die Bibliothek unterstützt benutzerdefinierte Protokollerweiterungen über ein Callback-basiertes Ereignissystem und enthält Dienstprogramme für Speicherverwaltung und Fehlercode-Übersetzung. Das Projekt umfasst Build-Unterstützung und Konfigurationsskripte für das Cross-Compiling von Binärdateien für die Android-Plattform.
Reconstructs original header fields from a compressed header block using a customizable memory allocator.
frida-dexdump is an Android memory forensics tool that recovers Dalvik Executable (DEX) files from running application processes using the Frida dynamic instrumentation framework. It functions as a Frida-based runtime analyzer and DEX memory dumper, capable of extracting obfuscated or packed DEX files without modifying the Android system. The tool distinguishes itself through its ability to repair corrupted or missing DEX file headers using heuristic analysis and fuzzy matching techniques. It employs fuzzy boundary detection to identify DEX file boundaries in memory even when headers are dama
Rebuilds corrupted or missing DEX file headers by matching internal data layout patterns against known byte-sequence signatures.
Clutch is a command-line utility designed for security research on jailbroken mobile devices. It functions as a specialized toolkit for identifying, decrypting, and extracting installed mobile application binaries to facilitate manual code inspection and vulnerability assessment. The tool provides capabilities for removing platform-level encryption from protected software, allowing researchers to isolate core executable files from application bundles. By performing memory-mapped file dumping and reconstructing binary headers, it enables the conversion of protected applications into portable,
Reconstructs Mach-O binary headers from memory-mapped segments to enable offline analysis of decrypted executables.
pe-sieve is a set of diagnostic tools for scanning Windows process memory to identify malicious implants, shellcode, and hooks. It functions as an in-memory implant detector, malware unpacker, and process callstack analyzer designed to locate and dump memory patches and injected code from running processes. The project identifies advanced evasion techniques, such as process hollowing and reflective injection, by verifying portable executable structures in memory. It distinguishes itself by analyzing process callstacks to detect anomalies and redirections and by reconstructing executable heade
Restores original executable headers and section alignments from raw memory dumps to create valid files for static analysis.