14 个仓库
Altering compiled application binaries to inject logic or bypass restrictions without source code access.
Distinct from Binary Modification Tooling: None of the candidates cover the general practice of modifying third-party application binaries for feature unlocking on mobile OSs.
Explore 14 awesome GitHub repositories matching operating systems & systems programming · Application Binary Modifications. Refine with filters or upvote what's useful.
LSPosed is an Android runtime hooking framework and in-memory code modifier. It functions as a system hooking tool that intercepts and modifies system and application methods in memory to change behavior without altering original installation files. The project provides a standardized interface through the Xposed Module API, allowing for the development of plugins that alter the behavior of the Android operating system and installed applications. The framework covers a range of capabilities including runtime function interception, Android system debugging, and application customization. Thes
Provides the ability to alter system and application code in memory without modifying installation files.
BaiduNetdiskPlugin-macOS is a suite of macOS system extensions and tools designed to remove download speed limits and unlock premium features for the Baidu Netdisk client. It functions as a download speed unblocker and premium feature unlocker to enable maximum data transfer rates and activate SVIP status. The project includes a software update blocker that prevents the client from performing automatic updates to preserve the applied modifications. It achieves these results by removing local data transfer rate restrictions and eliminating trial duration limits.
Alters the compiled application binary to bypass internal download speed limit calculations.
Xposed is a native Android runtime hooking framework and instrumentation tool. It provides a modified version of the Android app process binary to intercept and modify the behavior of system and application processes at the binary level. The framework enables Android operating system customization by altering internal function calls and runtime execution flow. It achieves this through native process instrumentation, allowing for the modification of functionality without altering original application files. The tool covers several low-level capabilities, including native library injection and
Modifies the Android app_process binary to force the loading of custom native libraries during system startup.
uYouPlus is a modified iOS application binary that removes advertisements and unlocks premium playback features for non-jailbroken devices. It functions as an ad-blocking video client and enhanced video player designed to be installed via external signing tools rather than the official app store. The project enables the skipping of sponsored content using a community-driven database and allows users to bypass age restrictions and premium prompts. It unlocks high-resolution streaming options, including 2K and 4K playback, and supports background media playback and picture-in-picture mode. The
Modifies the compiled application binary to bypass restrictions and inject new feature logic.
JPEX Software is a comprehensive reverse engineering suite for SWF binary files, serving as an ActionScript decompiler and editor. It provides a toolkit for decompiling, analyzing, and modifying the internal structure of compiled Flash content, including the extraction of scripts and media assets. The project is distinguished by its ability to perform direct binary modification, allowing users to edit bytecode and replace embedded resources without reverting to high-level source code. It includes a runtime ActionScript bytecode debugger for variable inspection and call stack analysis, as well
Editing bytecode, replacing embedded resources, and modifying file tags directly within compiled SWF binaries.
Auto-unlocker 是一组旨在修改虚拟化软件库以绕过客户操作系统系统限制的实用程序。它主要作为一个二进制补丁程序,支持在 VMware 中选择和引导 macOS 客户机。 该项目修改核心系统库以解锁隐藏的操作系统选择选项并绕过不受支持的客户机的引导检查。它还包括一个客户机工具安装程序,用于下载并应用硬件集成和性能所需的驱动程序包。 该工具集提供管理虚拟机环境的功能,包括通过从备份中还原二进制修改来恢复原始软件状态的能力。
Modifies core system libraries within the virtualization software to bypass boot checks for unsupported guests.
LSPosed_mod 是一个用于 Android 系统 Hook 和模块管理的框架。它支持安装和配置系统级修改,从而在不更改原始系统镜像或源文件的情况下改变设备行为。 该项目利用基于 Zygote 的进程注入和运行时方法 Hook 来拦截内存中的执行流。它包含一个版本无关的执行层,以在不同的 Android 操作系统版本和环境中保持一致的接口,以及用于修改方法参数和返回值的动态代理拦截。 这些修改的管理通过可编程 API 和面向 Root 用户的命令行界面进行。这些工具允许对 Root 设备上已安装软件组件的作用域和活动状态进行程序化控制。
Alters application behavior by modifying code directly in volatile memory, ensuring modifications are easily reversible.
该项目是一个教育资源,提供了一个全面的开发教程,用于在 Linux 内核中使用 C、Go 和 Rust 编写并加载 eBPF 程序。它作为一个技术指南,用于开发直接在内核中执行的自定义逻辑。 这些材料涵盖了专门的领域,包括内核可观测性和追踪、用于入侵检测的安全实现,以及用于包过滤和负载均衡的高性能网络工程。它还包括用于 Linux 内核追踪以及使用 kprobes、uprobes 和 tracepoints 的专用手册。 该项目涵盖了广泛的功能领域,如内核插桩、系统监控和可观测性、网络分析以及安全强制执行。它进一步扩展到 GPU 和驱动程序的硬件级调试,以及底层系统操作和资源管理。
Alters program behavior by overwriting data directly in a process memory buffer.
Miasm 是一个 Python 逆向工程框架,专为二进制分析、反汇编和修改而设计。它作为一个二进制分析框架,将机器码提升为中间表示,以实现平台无关的安全研究。 该系统作为二进制仿真引擎和修改工具包运行,允许在虚拟环境中执行二进制代码以跟踪状态更改,而无需原生硬件。它提供了二进制补丁工具,用于跨多种 CPU 架构和可执行格式更新和修改原始二进制文件。 该框架涵盖了反汇编、中间表示提升和语义简化功能,以消除二进制混淆。它包括对二进制格式解析和内存映射的支持,以便在分析编译程序时跟踪引用和布局。
Provides tools for updating and patching raw binary files across multiple CPU architectures and executable formats.
Binsider is a collection of specialized toolsets for hexadecimal editing, ELF structural analysis, system call tracing, and execution performance profiling. It provides a suite of utilities designed for binary reverse engineering, encompassing both static structural analysis and dynamic runtime monitoring of compiled binaries. The project distinguishes itself by combining low-level binary manipulation, such as a hex editor for raw byte modification, with an ELF binary analysis tool for inspecting file structures and metadata. It also includes a Linux system call tracer for observing dynamic b
Edits specific bytes within a binary by replacing hexadecimal values to change raw file content.
YTLite is a modified YouTube client and a set of specialized extensions designed to provide expanded controls over playback, layout, and content visibility. It functions as a playback enhancer and interface customizer that allows for the modification of the native video platform experience. The project integrates SponsorBlock to automatically skip sponsored segments using community-driven timing data and restores the visibility of dislike counts on videos. It unlocks high-resolution streaming, enabling 2K and 4K playback, and provides a media downloader for saving videos, audio tracks, and im
Injects custom logic into the application binary to unlock hidden features and alter UI elements.
Lilu is a kernel patching engine and runtime code injection framework designed to modify kernel drivers and libraries in memory. It functions as an operating system customization framework that intercepts function calls and redirects execution flow within the kernel to resolve hardware compatibility issues and adjust system stability. The project employs a modular platform that allows for the injection of code and the modification of system libraries during the boot process without altering files on disk. It utilizes a plugin-based extension architecture and a standardized API interface to lo
Injects and modifies kernel extensions and libraries directly in volatile memory to change system behavior.
This project is a suite of tools for scraping remote assets, applying binary modifications, and orchestrating the distribution of patched Android applications. It functions as an automated build pipeline that fetches remote assets and compiles patched binaries into installable packages. The system includes a specialized remote asset downloader designed to fetch application files and version metadata from remote servers while bypassing bot protections. It also operates as an Android app distribution system that uploads modified binaries to a repository and sends update notifications via Telegr
Alters compiled application binaries to inject custom logic and merge changes into installable Android packages.
PE-bear is a graphical portable executable analysis tool designed for inspecting, disassembling, and modifying the structure of Windows PE binary files. It functions as a static analysis framework used to identify malicious patterns and reverse engineer program logic. The project provides a binary diffing tool to identify structural and content differences between two executable files. It also includes a section editor for modifying binary layouts by adding or altering sections and imports. The tool covers a range of binary analysis capabilities, including machine code disassembly, file layo
Adds new sections or imports to a binary to modify its internal composition and structure.