mirror of https://github.com/QuasarApp/LIEF.git synced 2025-05-11 03:09:32 +00:00

Update references

rthomas 2020-05-11 09:33:03 +02:00
parent 8671cc0a97
commit 6fd553114d

@ -4,6 +4,7 @@ References
Blog posts related to LIEF
--------------------------
* 2020-02-04: `x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 <https://iwantmore.pizza/posts/x0rro.html>`_ by `phra <https://iwantmore.pizza/>`_
* 2019-11-01: `Isolating the logic of an encrypted protocol with LIEF and kaitai <https://x-c3ll.github.io/posts/blackbox-lief-kaitai/>`_ by `@TheXC3LL <https://twitter.com/THEXC3LL>`_
* 2018-10-26: `[Write-up] HITCON 2018 - Unexecutable <https://github.com/pwning/public-writeup/tree/21b31d1aa916f07a16423a1c2944c498a29271fb/hitcon2018/unexecutable/>`_ by `Andrew Wesie <https://github.com/awesie>`_
* 2018-10-06: `[Write-up] Flare-on Challenge (Level 3) <https://bruce30262.github.io/flare-on-challenge-2018-write-up/>`_
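Review bot: the 2018-10-06 Flare-on write-up entry at the end of this hunk has no trailing `by` author link, while the three entries above it (x0rro, the LIEF and kaitai post, the HITCON write-up) all carry one. Since the list is being touched here, adding the attribution in the same `by \`name <url>\`_` form would keep the entries uniform.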
@ -191,68 +192,70 @@ Mach-O
Tools
-----
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| Name | Language | Link | Format | Summarize |
+====================+============+========================================================+=================+==============================+
| Dress | Python | https://github.com/docileninja/dress | ELF | Add static symbols |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| objconv | C++ | http://www.agner.org/optimize/#objconv | ELF/PE/MachO | Format converter |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| PEDetour | C++ | https://github.com/chen-charles/PEDetour | PE | Hook exported functions |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| python-elf | Python | https://github.com/tbursztyka/python-elf | ELF | ELF binary format |
| | | | | manipulation |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| PEDetour | C++ | https://github.com/chen-charles/PEDetour | PE | Hook exported functions |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| libmaelf | C | https://github.com/tiago4orion/libmalelf | ELF | Library for Dissect and |
| | | | | Infect ELF Binaries. |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| peinjector | C | https://github.com/JonDoNym/peinjector | PE | MITM PE file infector |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| backdoor | C++ | https://github.com/secretsquirrel/the-backdoor-factory | ELF/PE/MachO | Patch PE, ELF, Mach-O |
| factory | | | | binaries with shellcode |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| RePEconstruct | C | https://github.com/DavidKorczynski/RePEconstruct | PE | PE Unpacker |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| patchkit | Python | https://github.com/lunixbochs/patchkit | ELF | Patch binary |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| unstrip | Python | https://github.com/pzread/unstrip | ELF | Unstrip static binary |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| sym2elf | Python | https://github.com/danigargu/syms2elf | ELF | Export IDA's symbols to |
| | | | | the original binary |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| elfhash | C | https://github.com/cjacker/elfhash | ELF | Manipulate ELF's hash |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| recomposer | Python | https://github.com/secretsquirrel/recomposer | PE | Change some parts of a |
| | | | | PE ile in order to bypass |
| | | | | Antivirus |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| bearparser | C++ | https://github.com/hasherezade/bearparser | PE | Portable Executable parsing |
| | | | | library with a GUI |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| IAT patcher | C++ | http://hasherezade.github.io/IAT_patcher | PE | IAT hooking application |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| PEframe | Python | https://github.com/guelfoweb/peframe | PE | PE Static analyzer |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| Manalyze | C++ | https://github.com/JusticeRage/Manalyze | PE | PE Static analyzer |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| elf-dissector | C++ | https://github.com/KDE/elf-dissector | ELF | Tool to inspect ELF files |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| InfectPE | C++ | https://github.com/secrary/InfectPE | PE | Inject code into PE file |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| termux-elf-cleaner | C++ | https://github.com/termux/termux-elf-cleaner | ELF | Utility to remove unused ELF |
| | | | | sections causing warnings. |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| vdexExtractor | C | https://github.com/anestisb/vdexExtractor | VDEX | Extract DEX from VDEX |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| insert_dylib | C | https://github.com/Tyilo/insert_dylib | Mach-O | Insert a dylib load command |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| optool | Obj-C | https://github.com/alexzielenski/optool | Mach-O | Modify Mach-O commands: |
| | | | | Resign, insert commands, ... |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
| reflective- | C | https://github.com/zeroSteiner/reflective-polymorphism | PE | Transform PE files between |
| polymorphism | | | | EXE and DLL |
+--------------------+------------+--------------------------------------------------------+-----------------+------------------------------+
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| Name | Language | Link | Format | Summarize |
+====================+==========+========================================================+==============+======================================================+
| Dress | Python | https://github.com/docileninja/dress | ELF | Add static symbols |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| objconv | C++ | http://www.agner.org/optimize/#objconv | ELF/PE/MachO | Format converter |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| PEDetour | C++ | https://github.com/chen-charles/PEDetour | PE | Hook exported functions |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| python-elf | Python | https://github.com/tbursztyka/python-elf | ELF | ELF binary format |
| | | | | manipulation |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| PEDetour | C++ | https://github.com/chen-charles/PEDetour | PE | Hook exported functions |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| libmaelf | C | https://github.com/tiago4orion/libmalelf | ELF | Library for Dissect and |
| | | | | Infect ELF Binaries. |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| peinjector | C | https://github.com/JonDoNym/peinjector | PE | MITM PE file infector |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| backdoor | C++ | https://github.com/secretsquirrel/the-backdoor-factory | ELF/PE/MachO | Patch PE, ELF, Mach-O |
| factory | | | | binaries with shellcode |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| RePEconstruct | C | https://github.com/DavidKorczynski/RePEconstruct | PE | PE Unpacker |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| patchkit | Python | https://github.com/lunixbochs/patchkit | ELF | Patch binary |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| unstrip | Python | https://github.com/pzread/unstrip | ELF | Unstrip static binary |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| sym2elf | Python | https://github.com/danigargu/syms2elf | ELF | Export IDA's symbols to |
| | | | | the original binary |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| elfhash | C | https://github.com/cjacker/elfhash | ELF | Manipulate ELF's hash |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| recomposer | Python | https://github.com/secretsquirrel/recomposer | PE | Change some parts of a |
| | | | | PE ile in order to bypass |
| | | | | Antivirus |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| bearparser | C++ | https://github.com/hasherezade/bearparser | PE | Portable Executable parsing |
| | | | | library with a GUI |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| IAT patcher | C++ | http://hasherezade.github.io/IAT_patcher | PE | IAT hooking application |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| PEframe | Python | https://github.com/guelfoweb/peframe | PE | PE Static analyzer |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| Manalyze | C++ | https://github.com/JusticeRage/Manalyze | PE | PE Static analyzer |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| elf-dissector | C++ | https://github.com/KDE/elf-dissector | ELF | Tool to inspect ELF files |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| InfectPE | C++ | https://github.com/secrary/InfectPE | PE | Inject code into PE file |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| termux-elf-cleaner | C++ | https://github.com/termux/termux-elf-cleaner | ELF | Utility to remove unused ELF |
| | | | | sections causing warnings. |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| vdexExtractor | C | https://github.com/anestisb/vdexExtractor | VDEX | Extract DEX from VDEX |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| insert_dylib | C | https://github.com/Tyilo/insert_dylib | Mach-O | Insert a dylib load command |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| optool | Obj-C | https://github.com/alexzielenski/optool | Mach-O | Modify Mach-O commands: |
| | | | | Resign, insert commands, ... |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| reflective- | C | https://github.com/zeroSteiner/reflective-polymorphism | PE | Transform PE files between |
| polymorphism | | | | EXE and DLL |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
| XELFViewer | C++/Qt | https://github.com/horsicq/XELFViewer | ELF | ELF file viewer/editor for Windows, Linux and MacOS. |
+--------------------+----------+--------------------------------------------------------+--------------+------------------------------------------------------+
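Review bot: the whole Tools table is re-flowed to a wider Summarize column only so the single-line XELFViewer summary fits, which turns a one-entry addition into a rewrite of every row. Wrapping that summary onto a continuation row, as the python-elf and termux-elf-cleaner rows already do, would keep the change to the new entry alone. If the full rewrite stays, it is the moment to fix what is carried over unchanged: the PEDetour row appears twice, the recomposer summary reads "PE ile", and the names "libmaelf" and "sym2elf" do not match their links (libmalelf, syms2elf).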