Js2iiu
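js2iiu.com › Home › programming › python › [python] Binary Analysis Tools – capstone, angr, pyelftools
[Python] Binary Analysis Tools – capstone, angr, pyelftools | Amateur Radio Station JS2IIU
March 8, 2025 - pyelftools identifies hidden symbols in ELF files. · Use it for malware analysis to identify suspicious behavior. · Parse proprietary binary formats and apply the results to reverse engineering. · capstone is a lightweight, fast disassembler.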
GitHub
github.com › HBehrens › puncover › issues › 11
Investigate if pyelftools + capstone can remove dependencies to GCC · Issue #11 · HBehrens/puncover
April 18, 2017 - https://github.com/eliben/pyelftools · http://www.capstone-engine.org
Author HBehrens
GitHub
github.com › blasty › ropstone
GitHub - blasty/ropstone: A code gadget finder based on capstone/keystone/pyelftools
Starred by 92 users
Forked by 11 users
Languages Python 100.0%
Binary Research
binaryresearch.github.io › 2019 › 12 › 11 › Analyzing-ELF-Binaries-with-Malformed-Headers-Part-2-Mapping-Program-Logic-with-Qiling-and-Graphviz.html
Analyzing ELF Binaries with Malformed Headers Part 2 - Mapping Program Logic with Qiling and Graphviz | Binary Research
December 11, 2019 - Fortunately, there is no need for special tools to parse the header in this case - pyelftools [2] can be used straightforwardly, and Qiling loads it without any problems. In order to produce correct disassembly with Capstone, it is necessary to find the file offset of the program entry point.
Devhub
devhub.io › repos › blasty-ropstone
Devhub
PyPI
pypi.org › project › pyelftools
pyelftools · PyPI
» pip install pyelftools
Binary Research
binaryresearch.github.io › 2019 › 09 › 17 › Analyzing-ELF-Binaries-with-Malformed-Headers-Part-1-Emulating-Tiny-Programs.html
Analyzing ELF Binaries with Malformed Headers Part 1 - Emulating Tiny Programs | Binary Research
September 17, 2019 - As it turns out, Capstone is a linear sweep-based disassembler (as opposed to recursive traversal-based, like radare2)[7][8]. This means that beginning at the start address, it disassembles all bytes as code until the end address, ignoring ...
GitHub
github.com › eliben › pyelftools › wiki › User's-guide
User's guide · eliben/pyelftools Wiki · GitHub
February 1, 2022 - If you have a basic grasp of Python and are somewhat familiar with the problem domain pyelftools aims to address (ELF and DWARF formats), you should be able to get going just from looking at the examples - reading this guide is not necessary.
Author eliben
GitHub
github.com › eliben › pyelftools
GitHub - eliben/pyelftools: Parsing ELF and DWARF in Python · GitHub
Parsing ELF and DWARF in Python.
Starred by 2.3K users
Forked by 542 users
Languages Python 97.7% | C 1.5% | Assembly 0.5% | Linker Script 0.1% | Makefile 0.1% | Nix 0.1%
GitHub
github.com › CarterPerez-dev › Cybersecurity-Projects › blob › main › SYNOPSES › intermediate › Binary.Analysis.Tool.md
Cybersecurity-Projects/SYNOPSES/intermediate/Binary.Analysis.Tool.md at main · CarterPerez-dev/Cybersecurity-Projects
Implement binary file parsing using libraries like capstone for disassembly, pefile for PE analysis, and pyelftools for ELF analysis. Parse binary file headers extracting architecture (x86, x64, ARM), compilation timestamp, entry point, sections, ...
Author CarterPerez-dev
Stack Overflow
stackoverflow.com › questions › tagged › pyelftools
Newest 'pyelftools' Questions - Stack Overflow
I am simply trying to grab the program header information with pyelftools (the offset, virtual address, and physical address).
Debian
packages.debian.org › sid › python3-pyelftools
Debian -- Details of package python3-pyelftools in sid
pyelftools is a pure-Python library for parsing and analyzing ELF files and DWARF debugging information.
GitHub
github.com › mildsunrise › darter
GitHub - mildsunrise/darter: :detective: Dart / Flutter VM snapshot analyzer · GitHub
parse_elf_snapshot(...) requires pyelftools · the darter.asm module (for analyzing the assembled code) requires Capstone (and its python binding) · darter in itself is just a module, it has no stand-alone program or CLI. The recommended way to use it is by including it in a notebook and playing with the parsed data.
Starred by 342 users
Forked by 53 users
Languages Jupyter Notebook 58.1% | Python 40.0% | JavaScript 1.9%