{"id":20691687,"url":"https://github.com/droppers/singlefileextractor","last_synced_at":"2025-05-16T03:06:30.981Z","repository":{"id":65370524,"uuid":"404863560","full_name":"Droppers/SingleFileExtractor","owner":"Droppers","description":" A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a directory, suitable for purposes like malware analysis.","archived":false,"fork":false,"pushed_at":"2025-03-05T12:30:49.000Z","size":12012,"stargazers_count":123,"open_issues_count":0,"forks_count":23,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-05-16T03:06:21.964Z","etag":null,"topics":["dotnet","malware","malware-analysis","reverse-engineering","tooling"],"latest_commit_sha":null,"homepage":"https://www.nuget.org/packages/sfextract/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Droppers.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-09T20:39:55.000Z","updated_at":"2025-05-08T09:21:37.000Z","dependencies_parsed_at":"2025-01-15T01:14:26.861Z","dependency_job_id":"f818702e-2443-4932-a55a-ce2be9ceab90","html_url":"https://github.com/Droppers/SingleFileExtractor","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Droppers%2FSingleFileExtractor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Droppers%2FSingleFileExtractor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Droppers%2FSingleFileExtractor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Droppers%2FSingleFileExtractor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Droppers","download_url":"https://codeload.github.com/Droppers/SingleFileExtractor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254459088,"owners_count":22074605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotnet","malware","malware-analysis","reverse-engineering","tooling"],"created_at":"2024-11-16T23:17:34.459Z","updated_at":"2025-05-16T03:06:25.972Z","avatar_url":"https://github.com/Droppers.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e📁 SingleFileExtractor\u003c/h1\u003e\u003c/br\u003e\n\u003cp align=\"center\"\u003e\n  A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a directory, suitable for purposes like malware analysis.\n\u003c/p\u003e\n\n\u003ch6 align=\"center\"\u003e\n  \u003ca href=\"https://www.nuget.org/packages/sfextract\" alt=\".NET target\"\u003e\u003cimg src=\"https://img.shields.io/nuget/dt/sfextract?label=NuGet\" height=\"20\" valign=\"middle\"\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\n  \u003cimg src=\"https://img.shields.io/badge/License-MIT-yellow.svg\" height=\"20\" valign=\"middle\"\u003e\u0026nbsp;\u0026nbsp;\n  \u003ca href=\"https://dotnet.microsoft.com/download\" alt=\".NET target\"\u003e\u003cimg alt=\".NET target\" src=\"https://img.shields.io/badge/dynamic/xml?color=%23512bd4\u0026label=target\u0026query=%2F%2FTargetFramework%5B1%5D\u0026url=https%3A%2F%2Fraw.githubusercontent.com%2FZacharyPatten%2FTowel%2Fmain%2FSources%2FTowel%2FTowel.csproj\u0026logo=.net\" title=\"Go To .NET Download\" height=\"20\" valign=\"middle\"\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\n  \u003cimg src= \"https://joery.nl/static/vector/logo.svg\" height=\"20\" valign=\"middle\"\u003e\u0026nbsp;\u0026nbsp;By \u003ca href=\"https://joery.nl\"\u003eJoery Droppers\u003c/a\u003e\n\u003c/h6\u003e\n\n# Install\nTo use this tool install it as a global dotnet tool:\n```\ndotnet tool install -g sfextract\n```\n\n# Usage\n## Command-line\n```\nsfextract [file] -o|--output [directory]\n```\n\n\u003cb\u003eExtract files\u003c/b\u003e\u003cbr\u003e\n```\nsfextract Application.exe -o path/to/output/\n```\n\n\u003cb\u003eList files\u003c/b\u003e\u003cbr\u003e\nOmitting the output directory will list all files in the single file executable.\n```\nsfextract Application.exe\n```\n\n## Programmatically\n\nInstall the `SingleFileExtractor.Core` NuGet package to use it programmatically:\n```csharp\nvar reader = new ExecutableReader(\"application.exe\");\n```\n\n### Read startup info\n\nWhen you want to know what the entry point assembly is, you can read the startup info\n\n```cs\nvar reader = new ExecutableReader(\"application.exe\");\nvar startupInfo = reader.StartupInfo;\n```\n\n### Extract all files\n\n```cs\nvar reader = new ExecutableReader(\"application.exe\");\n\n// Validate if executable is a single file executable, and can be extracted\nvar isSingleFile = reader.IsSingleFile;\n\nif (isSingleFile)\n{\n    // Extract specific file entry\n    await reader.Manifest.Entries[0].ExtractToFileAsync(\"example.dll\");\n    // , or create an in-memory stream of a specifc file entry\n    var stream = await reader.Manifest.Entries[0].AsStreamAsync()\n    \n    // Extract all files to a directory\n    await reader.ExtractToDirectoryAsync(\"path/to/output\");\n}\n```\n\n### Extract specific entry to file\n\n```cs\nvar reader = new ExecutableReader(\"application.exe\");\nawait reader.Manifest.Entries[0].ExtractToFileAsync(\"example.dll\");\n```\n\n### Extract specific entry to stream\n\n```cs\nvar reader = new ExecutableReader(\"application.exe\");\nvar stream = await reader.Manifest.Entries[0].AsStreamAsync()\n```\n\n## Why\nAnother application I'm working on requires me to extract the contents of a single file. Since I've also seen people asking for a way to do this, I decided to turn it into a dotnet tool and NuGet package.\n\n## Credits\n- [GitHub: dotnet/runtime](https://github.com/dotnet/runtime) for inventing single file applications.\n\n## License\n```\nMIT License\n\nCopyright (c) 2021 Joery Droppers (https://github.com/Droppers)\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdroppers%2Fsinglefileextractor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdroppers%2Fsinglefileextractor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdroppers%2Fsinglefileextractor/lists"}