{"id":21233647,"url":"https://github.com/bdr-pro/reverse_engineering_lib","last_synced_at":"2025-03-15T02:43:50.916Z","repository":{"id":228658365,"uuid":"774612289","full_name":"BDR-Pro/reverse_engineering_lib","owner":"BDR-Pro","description":"reverse_engineering_lib, your go-to Rust crate for peeling back the layers of binaries and understanding their innards! Whether you're a cybersecurity enthusiast, a malware analyst, or just plain curious about what makes executables tick, this crate has got your back.","archived":false,"fork":false,"pushed_at":"2024-03-27T12:50:34.000Z","size":20,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-28T07:52:09.942Z","etag":null,"topics":["hex-editor","reverse-engineering","rust"],"latest_commit_sha":null,"homepage":"https://crates.io/crates/reverse_engineering_lib","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BDR-Pro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-03-19T21:21:06.000Z","updated_at":"2024-03-19T21:27:16.000Z","dependencies_parsed_at":"2024-03-19T21:44:32.074Z","dependency_job_id":null,"html_url":"https://github.com/BDR-Pro/reverse_engineering_lib","commit_stats":null,"previous_names":["bdr-pro/reverse_engineering_lib"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2Freverse_engineering_lib","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2Freverse_engineering_lib/tags","releases_u
rl":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2Freverse_engineering_lib/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BDR-Pro%2Freverse_engineering_lib/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BDR-Pro","download_url":"https://codeload.github.com/BDR-Pro/reverse_engineering_lib/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243676707,"owners_count":20329432,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hex-editor","reverse-engineering","rust"],"created_at":"2024-11-20T23:59:49.024Z","updated_at":"2025-03-15T02:43:50.890Z","avatar_url":"https://github.com/BDR-Pro.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Reverse Engineering Lib 🕵️‍♂️🔍\n\nWelcome to **reverse_engineering_lib**, your go-to Rust crate for peeling back the layers of binaries and understanding their innards! 
Whether you're a cybersecurity enthusiast, a malware analyst, or just plain curious about what makes executables tick, this crate has got your back.\n\n## Features 🌟\n\n- **Entropy Calculation**: Get a sense of the randomness within your binary, a vital clue in spotting packed or encrypted sections.\n- **Color-Based Hex Visualization**: Turn those drab hex dumps into a vibrant array of colors, because who said reverse engineering couldn't be a visual treat?\n- **Detailed PE Analysis**: Dive deep into Portable Executable files, extracting juicy details like entry points, section headers, and import/export tables.\n\n### Getting Started 🚀\n\nFirst things first, you'll need Rust installed. If you haven't already, head on over to [rustup.rs](https://rustup.rs/) and follow the instructions.\n\nOnce Rust is ready to go, clone the repo and navigate into your project directory:\n\n```bash\ngit clone https://github.com/bdr-pro/reverse_engineering_lib.git\ncd reverse_engineering_lib\n```\n\n#### Usage 🛠\n\nCalculating the entropy of a binary is as simple as:\n\n```rust\nlet entropy = calculate_entropy(\"path/to/your/binary.exe\").unwrap();\nprintln!(\"Entropy: {}\", entropy);\n```\n\nFor a color-based perspective of your binary:\n\n```rust\nlet color_data = color_based_hex(\"path/to/binary.exe\").unwrap();\n// Implement your logic to visualize color_data\n```\n\nAnd to extract detailed PE information:\n\n```rust\nlet details = extract_detail_exe(\"path/to/binary.exe\").unwrap();\nfor (key, value) in details.iter() {\n    println!(\"{}: {}\", key, value);\n}\n```\n\n### CLI Mode 🖥️\n\nThe main function is in the `main.rs` file. It showcases the library's capabilities by using its functions to analyze a binary file in CLI mode.\n\n### Contributing 🤝\n\nGot ideas on how to make **reverse_engineering_lib** even better? Pull requests are more than welcome! 
Whether it's adding new features, improving documentation, or fixing bugs, your contributions are what make the open-source community amazing.\n\n### License 📜\n\n**reverse_engineering_lib** is distributed under the MIT License. See `LICENSE` for more information.\n\n### Acknowledgments 💖\n\nBig shoutout to the developers of the Rust programming language, the creators of the `sha2`, `rand`, and `goblin` crates, and everyone in the cybersecurity community who shares their knowledge and tools. You rock!\n\n### Example `main.rs` 📂\n\nFor a practical example of how to use **reverse_engineering_lib**, check out the provided `main.rs` file in the repository. It's a ready-to-run showcase of the library's capabilities.\n\n## Here's a brief overview of the modes it supports\n\n### For `pe-header` Mode\n\nGiven a PE file, this mode prints out the basic PE header information:\n\n```plaintext\n\n$ cargo run -- pe-header path/to/pe_file.exe\nPeHeaderInfo { machine: 34404, number_of_sections: 5 }\n\n```\n\nThis output indicates that the PE file is for an x64 architecture (`machine: 34404` corresponds to AMD64) and contains 5 sections.\n\n### For `elf-functions` Mode\n\nGiven an ELF file, this mode lists the names of functions found in the ELF file:\n\n```plaintext\n\n$ cargo run -- elf-functions path/to/elf_file\n[\"main\", \"_start\", \"printf\", \"exit\"]\n\n```\n\nThis example output shows the ELF file contains functions like `main`, `_start`, `printf`, and `exit`.\n\n### For `entropy` Mode\n\nThis mode calculates and displays the entropy of segments (or \"windows\") of a file, which can indicate its randomness:\n\n```plaintext\n$ cargo run -- entropy path/to/any_file\nOffset: 0x0, Entropy: 7.95\nOffset: 0x100, Entropy: 5.47\nOffset: 0x200, Entropy: 3.58\n\n```\n\nHere, the entropy values are hypothetical and show that the file starts with high randomness (entropy close to 8), which decreases in later sections. 
High entropy could indicate compressed or encrypted data.\n\n### Disassembler Mode\n\nThis mode disassembles the given binary file and prints the disassembled instructions:\n\n```plaintext\n0x14af: nop\n0x14b0: call    0xcc30\n0x14b5: cmp     eax, 0xa\n0x14b8: je      0x14bf\n0x14ba: cmp     eax, -1\n0x14bd: jne     0x14b0\n0x14bf: mov     eax, dword ptr [rbp - 4]\n0x14c2: cmp     eax, dword ptr [rip + 0x424330]\n0x14c8: jle     0x14da\n```\n\nThis output shows the disassembled instructions at different memory addresses in the binary file.\n\n```rust\nuse reverse_engineering_lib::disassemble;\n\nfn main() {\n    let file_path =\n        \"{your_binary_file_path_here.exe}\";\n    match disassemble(\u0026file_path) {\n        Ok(disassembly) =\u003e println!(\"{}\", disassembly),\n        Err(e) =\u003e eprintln!(\"Disassembly failed: {}\", e),\n    }\n}\n```\n\n---\n\nHappy reverse engineering! 🚀👨‍💻👩‍💻\n\nRemember, with great power comes great responsibility. Use **reverse_engineering_lib** ethically and legally. Happy hacking! 🖥️🔐\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdr-pro%2Freverse_engineering_lib","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbdr-pro%2Freverse_engineering_lib","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbdr-pro%2Freverse_engineering_lib/lists"}