10 Repos
Low-level analysis of raw internal tables and structural composition of binary images.
Distinct from Table Metadata Inspection: None of the candidates target binary file structural analysis; most are database-centric.
Explore 10 awesome GitHub repositories matching operating systems & systems programming · Binary Metadata Inspection. Refine with filters or upvote what's useful.
ILSpy is a .NET decompiler and binary analyzer designed to convert compiled .NET assemblies back into readable C# source code. It functions as a metadata explorer and a common intermediate language viewer, enabling the analysis of compiled code and the execution of reverse engineering workflows. The project distinguishes itself through specialized translation capabilities, such as converting compiled binary XML (BAML) back into human-readable XAML for user interface analysis. It also provides tools for inspecting native machine code and extracting metadata from program database (PDB) files.
Analyzes the raw internal tables of a binary image to examine the structural composition of the file.
VisiData is a terminal-based interactive data analysis tool and browser designed for exploring, filtering, and sorting large tabular datasets. It functions as a structured data inspector that loads and flattens complex formats like JSON, XML, and PCAP into interactive sheets, as well as a terminal file manager for navigating directories and performing staged filesystem operations. The project distinguishes itself by rendering data visualizations, such as scatter plots and histograms, directly in the terminal using Unicode Braille characters. It provides a Python-based data wrangling environme
Provides low-level inspection of raw binary files like PCAP and Shapefiles.
RetDec is a reverse engineering framework and static binary analysis tool. Its primary purpose is to function as an LLVM-based machine code decompiler that translates binary machine code from multiple architectures into high-level C source code. The system employs a multi-stage lifting pipeline to recover program logic, using an intermediate representation to apply optimizations before emitting source code. It distinguishes itself through the ability to identify compilers and packers, perform executable unpacking, and reconstruct class hierarchies and original program structures. The framewo
Parses object file formats to extract and represent the structural composition of compiled binary images.
Das WebAssembly Binary Toolkit ist eine Sammlung von Tools zum Inspizieren, Validieren und Transformieren von WebAssembly-Modulen zwischen binären und menschenlesbaren Darstellungen. Es enthält einen Stack-basierten Interpreter zur Ausführung von Modulen sowie einen Transpiler, der Binärdateien in C-Quellcode und Header konvertiert. Das Toolkit bietet Dienstprogramme zum Assemblieren von menschenlesbarem Text in Binärmodule und zum Disassemblieren von Binärdateien zurück in Text. Es verfügt über einen Text-Formatter zur Normalisierung von Definitionen in eine kanonische flache Darstellung und unterstützt die Konvertierung von Binärdateien in S-Expression-Formate. Das Projekt deckt breite Funktionsbereiche ab, einschließlich Binärmanipulation, wie das Entfernen von Metadaten-Sektionen, und Modul-Inspektion zur Extraktion struktureller Statistiken und Debug-Symbole. Es bietet zudem Validierungstools zur Überprüfung der binären Korrektheit gemäß technischer Spezifikationen sowie eine Laufzeitumgebung für die Ausführung von WASI-konformer Logik.
Extracts structural information and section headers from binary files to analyze internal composition.
GEF is a Python-based extension for GDB that serves as a framework for binary analysis, exploit development, and low-level debugging. It functions as a dynamic analysis extension designed to assist in reverse engineering workflows and malware analysis by enhancing the debugger's ability to inspect process state and memory. The project is distinguished by its specialized heap analysis tools, which allow for the inspection of glibc heap arenas, bins, and chunks to detect memory corruption. It also provides a dedicated toolkit for exploit development, including cyclic pattern generation for offs
Retrieves structural information and properties from an ELF binary to assist in file analysis.
A fast and clever hex editor for macOS
Provides live interpretation of raw bytes as integers or floats with configurable endianness.
HexFiend is a native macOS hex editor designed for opening and editing binary files of any size without loading them entirely into memory. It uses a 64-bit addressable data model with memory-mapped file access, enabling navigation of multi-gigabyte files while maintaining byte-level undo for insert and delete operations. The editor distinguishes itself through a diff algorithm for binary file comparison that accounts for insertions and deletions, and a template-based structure parsing system that uses user-defined scripts to visualize binary file layouts. It also includes a typed data interpr
Interprets raw bytes as integers, floats, and other types with configurable endianness and signedness.
JPEX Software is a comprehensive reverse engineering suite for SWF binary files, serving as an ActionScript decompiler and editor. It provides a toolkit for decompiling, analyzing, and modifying the internal structure of compiled Flash content, including the extraction of scripts and media assets. The project is distinguished by its ability to perform direct binary modification, allowing users to edit bytecode and replace embedded resources without reverting to high-level source code. It includes a runtime ActionScript bytecode debugger for variable inspection and call stack analysis, as well
Inspects the underlying structure of files using a hexadecimal dump view with color highlighting.
w64devkit ist ein portables MinGW-w64 C/C++-Entwicklungskit und eine in sich geschlossene GCC-Toolchain für Windows. Es bietet eine native Build-Umgebung zum Kompilieren von C-, C++- und Fortran-Quellcode in x86- und x64-ausführbare Binärdateien, ohne dass eine systemweite Installation oder Änderungen an der Host-Registry und den Umgebungsvariablen erforderlich sind. Die Toolchain wird als in sich geschlossene Suite von Compilern, Linkern und Assemblern vertrieben, die aus jedem Verzeichnis heraus ausgeführt werden kann. Sie enthält einen spezialisierten shell-basierten Umgebungs-Wrapper, um den Pfad zu ihren Binärdateien automatisch zu konfigurieren, und nutzt statisches Linking, um externe Laufzeitabhängigkeitskonflikte zu eliminieren. Über die Kompilierung hinaus enthält das Kit ein Debugging-Toolkit zur Inspektion von Speicher und zur Analyse laufender Prozesse sowie Utilities zur PE-Binärinspektion zum Dekodieren von Import- und Exporttabellen. Es deckt zudem die Automatisierung von Build-Workflows, das Signieren von Binärcode und die Erstellung von Windows-Installationspaketen ab.
Displays export and import tables of executables and decodes name decorations in compiled libraries.
ExecuTorch is a lightweight C++ runtime for deploying PyTorch models on mobile, embedded, and edge hardware. It provides an ahead-of-time compilation pipeline that exports, quantizes, and lowers model graphs into compact serialized programs, then executes them through a minimal runtime with hardware acceleration and on-device large language model inference capabilities. The project distinguishes itself through a hardware accelerator delegate system that partitions model subgraphs and offloads computation to specialized backends including NPUs, GPUs, and DSPs from Apple, Arm, Intel, MediaTek,
Prints serialized program contents in human-readable format for debugging and verification.