elf2json alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

Alternative: angr

angr is a security tool written in Python for analyzing binaries. It combines static and dynamic analysis.

Project details

angr is written in Python.

Strengths

  • + More than 50 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Typical usage

  • binary analysis
  • malware analysis

Alternative: LIEF

LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.

LIEF is short for Library to Instrument Executable Formats.

Project details

LIEF is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • binary analysis
  • malware analysis
  • reverse engineering

Alternative: Manticore

Manticore is a binary analysis tool. It uses dynamic analysis, meaning parts of the binary will be executed and tested.

Project details

Manticore is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • binary analysis
  • malware analysis

Alternative: pyelftools

pyelftools is a Python library for parsing ELF files and DWARF debugging information. It can be useful to perform dynamic binary analysis on files.

Project details

pyelftools is written in Python.

Strengths

  • + More than 25 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • binary analysis
  • malware analysis

Alternative: radare2

radare2 is a tool for reverse engineering files of all types. It can be used to analyze malware, firmware, or any other type of binary file.

RA-DA-RE stands for RAw DAta REcovery. It helps with performing analysis on files and images to retrieve useful artifacts. This can be used to better understand how malware works, recover lost data, or troubleshoot why software is crashing.

In 2014, radare1 was replaced by radare2, which was developed in parallel as a full rewrite. It was then released under the LGPLv3 license.

Alternative: bingrep

Bingrep is a utility that can be described as the 'grep for binaries'. It runs on Linux and helps with reverse engineering and malware analysis.

It searches through binaries and highlights the most important areas with colors.

Supported binary formats:

  • ELF 32/64, arm, x86, openrisc
  • Mach 32/64, arm, x86
  • PE