Binary tools https://blackarch.org/binary.

html

BlackArch Linux
Penetration Testing Distribution

Binary The list

Home (index.html) / tools (tools.html) / Binary

Packages that operate on binary les in some form.

Tool count: 41 ()

BlackArch binary

Name Version Description Homepage

Reverse engineering,
Malware and goodware https://github.com/androguard/androguard
androguard 905.9823efd
analysis of Android (https://github.com/androguard/androguard)
applications and more.

1 of 4 6/9/17, 7:05 PM
Binary tools https://blackarch.org/binary.html

Name Version Description Homepage

The next-generation binary
https://github.com/angr/angr
angr 3880.d9017de5 analysis platform from UC
(https://github.com/angr/angr)
Santa Barbara's Seclab.
A multiplatform open
source Binary Analysis and https://github.com/programa-stic/barf-project
barf 601.056bd45
Reverse engineering (https://github.com/programa-stic/barf-project)
Framework.
https://github.com/Vector35/binaryninja-python
binaryninja- Binary Ninja prototype
13.83f59f7 (https://github.com/Vector35/binaryninja-
python written in Python.
python)
A static analysis tool for https://bitbucket.org/mihaila/bindead
bindead 4504.67019b97b
binaries (https://bitbucket.org/mihaila/bindead)
A comparison tool for
binary files, that assists
vulnerability researchers
http://www.zynamics.com/bindiff.html
bindiff 4.2.0 and engineers to quickly
(http://www.zynamics.com/bindiff.html)
find differences and
similarities in disassembled
code.
POSIX function tracing.
https://github.com/elfmaster/binflow
binflow 4.c4140d7 Much better and faster than
(https://github.com/elfmaster/binflow)
ftrace.
Binary and Directory tree
comparison tool using the https://github.com/bmaia/binwally
binwally 4.0aabd8b
Fuzzy Hashing concept (https://github.com/bmaia/binwally)
(ssdeep).
A display-oriented editor for
http://bvi.sourceforge.net/
bvi 1.4.0 binary files operate like "vi"
(http://bvi.sourceforge.net/)
editor.
bytecode- A Java 8/Android APK https://github.com/Konloch/bytecode-viewer
222.42caddf
viewer Reverse Engineering Suite. (https://github.com/Konloch/bytecode-viewer)
A tool for enumerating the https://github.com/EgeBalci/Cminer/
cminer 23.1cf52f9
code caves in PE files. (https://github.com/EgeBalci/Cminer/)
detect- A program for determining https://github.com/horsicq/Detect-It-Easy
50.6ae37ad
it-easy types of files. (https://github.com/horsicq/Detect-It-Easy)
This code dissects the
http://packetstormsecurity.com/files/125972
internal data structures in
/Coloured-ELF-File-Dissector.html
dissector 1 ELF files. It supports x86
(http://packetstormsecurity.com/files/125972
and x86_64 archs and runs
/Coloured-ELF-File-Dissector.html)
under Linux.
Analysis PE file or https://github.com/dungtv543/Dutas
dutas 10.37fa3ab
Shellcode. (https://github.com/dungtv543/Dutas)
Extended core file https://github.com/elfmaster/ecfs
ecfs 294.aad6193
snapshot format. (https://github.com/elfmaster/ecfs)
http://www.muppetlabs.com/~breadbox
Collection of ELF utilities /software/elfkickers.html
elfkickers 3.1
(includes sstrip) (http://www.muppetlabs.com/~breadbox
/software/elfkickers.html)
Cross Platform ELF https://github.com/jacob-baines/elfparser
elfparser 7.39d21ca
analysis. (https://github.com/jacob-baines/elfparser)
The ERESI Reverse
https://github.com/thorkill/eresi
eresi 1267.d0facbfd Engineering Software
(https://github.com/thorkill/eresi)
Interface.

2 of 4 6/9/17, 7:05 PM
Binary tools https://blackarch.org/binary.html

Name Version Description Homepage

A tool to detect anomalies
https://github.com/cysinfo/Exescan
exescan 1.ad993e3 in PE (Portable Executable)
(https://github.com/cysinfo/Exescan)
files.
Looks for all export and
import names that contain
expimp- https://github.com/tr3w/ExpImp-Lookup
4.79a96c7 a specified string in all
lookup (https://github.com/tr3w/ExpImp-Lookup)
Portable Executable in a
directory tree.
A Python framework for
finding C structures from
https://github.com/trolldbois/python-haystack
haystack 1759.df8b7ca process memory - heap
(https://github.com/trolldbois/python-haystack)
analysis - Memory
structures forensics.
A special payload
hercules- https://github.com/EgeBalci/HERCULES
219.31f23e2 generator that can bypass
payload (https://github.com/EgeBalci/HERCULES)
all antivirus software.
Converts Motorola and Intel http://hex2bin.sourceforge.net/
hex2bin 2.5
hex files to binary. (http://hex2bin.sourceforge.net/)
Small tool to package
https://github.com/jklmnn/imagejs
imagejs 51.dc70622 javascript into a valid image
(https://github.com/jklmnn/imagejs)
file.
Porting Windows Dynamic https://github.com/taviso/loadlibrary
loadlibrary 15.ca6dce8
Link Libraries to Linux. (https://github.com/taviso/loadlibrary)
Analyze OLE files
(Compound File Binary
http://blog.didierstevens.com/programs
Format). These files
oledump 0.0.27 /oledump-py/ (http://blog.didierstevens.com
contain streams of data.
/programs/oledump-py/)
This tool allows you to
analyze these streams.
Tools to analyze Microsoft http://www.decalage.info/python/oletools
oletools 0.50
OLE2 files. (http://www.decalage.info/python/oletools)
Script which uses a PEiD
database to identify which http://handlers.sans.org/jclausing/
packerid 1.4
packer (if any) is being (http://handlers.sans.org/jclausing/)
used by a binary.
Powerful binary patching https://github.com/lunixbochs/patchkit
patchkit 32.9f6b064
from Python. (https://github.com/lunixbochs/patchkit)
Colourful visualization tool https://github.com/FireyFly/pixd
pixd 5.85c1cb6
for binary files. (https://github.com/FireyFly/pixd)
A payload stager using https://github.com/z0noxz/powerstager
powerstager 11.abcfbaf
PowerShell. (https://github.com/z0noxz/powerstager)
Provides a command line
interface and a C library to
https://github.com/daniel-araujo/proctal
proctal 248.dfd6697 manipulate the address
(https://github.com/daniel-araujo/proctal)
space of a running program
on Linux.
ELF anti-forensics exec, for
injecting full dynamic
https://github.com/elfmaster/saruman
saruman 1.1a8e77d executables into process
(https://github.com/elfmaster/saruman)
image (With thread
injection).

3 of 4 6/9/17, 7:05 PM
Binary tools https://blackarch.org/binary.html

Name Version Description Homepage

A Java Bytecode Analysis
http://www.sable.mcgill.ca/soot
soot 2.5.0 and Transformation
(http://www.sable.mcgill.ca/soot)
Framework.
A collection of SWF
http://www.swftools.org/
swftools 0.9.2 manipulation and creation
(http://www.swftools.org/)
utilities
A Dynamic Binary Analysis https://github.com/JonathanSalwan/Triton
triton 1904.5d876f6f
(DBA) framework. (https://github.com/JonathanSalwan/Triton)
Ultimate executable http://upx.sourceforge.net/
upx 3.94
compressor. (http://upx.sourceforge.net/)
A tool to help find memory-
valgrind 3.12.0 management problems in http://valgrind.org/ (http://valgrind.org/)
programs
New open source tool for https://codisec.com/veles/ (https://codisec.com
veles 2017.5.0
binary data analysis. /veles/)
The Witchcraft Compiler https://github.com/endrazine/wcc
wcc 27.1a7a00c
Collection. (https://github.com/endrazine/wcc)
A free hex editor / disk
http://wxhexeditor.sourceforge.net/
wxhexeditor 597.bb951eb editor for Linux, Windows
(http://wxhexeditor.sourceforge.net/)
and MacOSX.

(https://github.com/BlackArch) (https://twitter.com/blackarchlinux) (irc://irc.freenode.net

/blackarch) (https://blackarch.org/blog.html) (https://blackarch.org/rss.xml)

BlackArch Linux 2013-2017

4 of 4 6/9/17, 7:05 PM