30 open-source projects similar to dloss/binary-parsing, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Binary Parsing alternative.
dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool
Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Capstone is a multi-architecture disassembly framework and binary translation system. It converts binary machine code into human-readable assembly instructions for a wide variety of hardware instruction set architectures and virtual machines. The framework supports a diverse range of targets, including x86, ARM, RISC-V, and MIPS, as well as virtual machine environments like WebAssembly and the Ethereum Virtual Machine. It functions as an instruction analysis tool capable of extracting granular decomposition data and semantic information from disassembled code. The engine is designed for low-
Binary Analysis Platform
ipsw is a specialized toolkit for iOS firmware analysis, binary reverse engineering, and hardware interaction. It provides a suite of tools for downloading, extracting, and analyzing firmware images and kernel caches, alongside a MachO binary analysis tool for disassembling and patching executables. The project distinguishes itself through integrated language-model-powered code reconstruction to translate machine code into high-level source code. It also features an automation client for the App Store Connect API to manage certificates and application settings. The framework covers a broad r
FunctionInliner is an IDA plugin that can be used to ease the reversing of binaries that have been space-optimized with function outlining (e.g. clang --moutline).
PacXplorer is an IDA plugin that adds XREFs between virtual functions and their call sites. This is accomplished by leveraging PAC codes in ARM64e binaries. 1. install ida-nentode somewhere IDA can import it 2. clone the repository and symlink ~/.idapro/plugins/pacxplorer.py to pacxplorer.py in…
GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
` git clone https://github.com/dubuqingfeng/ollydbg-script.git `
Binary Ninja Loader for iBoot & SecureROM
We evaluated two packer type estimation/detection tools (pypeid and Detect It Easy (DIE)) to fix this issue.
This project is a binary static analysis tool designed to recover hidden and non-standard encoded strings from compiled binaries. It functions as a malware analysis utility and string decryptor, extracting obfuscated text to reveal concealed program behavior without executing the code. The tool automates the recovery of embedded strings through a combination of emulated instruction execution and abstract syntax tree evaluation. It utilizes pattern-based heuristic detection to identify obfuscation routines and employs cross-platform binary parsing to process multiple executable formats. The s
Qira is a runtime analysis tool and interactive binary debugger designed for the QEMU emulator. It functions as a binary execution tracer that records a full timeline of instruction invocations and provides a system for monitoring memory operations within guest processes. The project enables the analysis of compiled binaries by tracing instruction-level execution and mapping raw memory addresses to user-defined annotations. It includes capabilities for state-snapshotting to manage execution forks, allowing the navigation of divergent logic paths and the inspection of CPU register states and s
BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
32/64 bit SecureROM/iBoot loader for IDA Pro. Supports IDA Pro 7.0+ on all platforms.
mootool is an attempt at an open source replacement to the legandary jtool2 allowing it to continue to progress with the Apple research community. Ruby was selected as Homebrew maintains a good Mach-O parser that is pure (meaning it needs no dependencies other then a Ruby runtime).