Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/lief-project/LIEF

LIEF - Library to Instrument Executable Formats
https://github.com/lief-project/LIEF

android art binary-analysis dex elf executable-formats lief macho malware-analysis modification oat parser parsing pe python reverse-engineering rust sdk vdex

Last synced: about 1 month ago
JSON representation

LIEF - Library to Instrument Executable Formats

Host: GitHub
URL: https://github.com/lief-project/LIEF
Owner: lief-project
License: apache-2.0
Created: 2017-03-16T14:34:53.000Z (over 7 years ago)
Default Branch: main
Last Pushed: 2024-05-12T18:54:19.000Z (about 1 month ago)
Last Synced: 2024-05-12T19:52:25.375Z (about 1 month ago)
Topics: android, art, binary-analysis, dex, elf, executable-formats, lief, macho, malware-analysis, modification, oat, parser, parsing, pe, python, reverse-engineering, rust, sdk, vdex
Language: C++
Homepage: https://lief-project.github.io/
Size: 66.6 MB
Stars: 4,166
Watchers: 128
Forks: 589
Open Issues: 83
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG
- Funding: .github/FUNDING.yml
- License: LICENSE
- Authors: AUTHORS

Lists

awesome-executable-packing - LIEF - Library to Instrument Executable Formats ; Python package for parsing PE, ELF, Mach-O and DEX formats, modifying and rebuilding executables. (:wrench: Tools / Before 2000)
awesome-stars - lief-project/LIEF - LIEF - Library to Instrument Executable Formats (C++)
awesome-stars - lief-project/LIEF - LIEF - Library to Instrument Executable Formats (C++)
awesome-elf - lief
awesome-stars - LIEF - LIEF - Library to Instrument Executable Formats (C++)
awesome-repositories - lief-project / LIEF
awesome-stars - lief-project/LIEF - LIEF - Library to Instrument Executable Formats (C++)
awesome-ios-security - Lief
my-stars - lief-project/LIEF - LIEF - Library to Instrument Executable Formats (C++)
awesome-android-security - Lief
awesome-stars - lief-project/LIEF - `★4233` LIEF - Library to Instrument Executable Formats (C++)

README

        









  

    

  

   

  

    

  

   

  

    

  

   

  

    

  

   

  

    

  

   

  

    

  

   

  

    

  

   

  

    

  

   

  

   

  








  Blog •

  Documentation •

  About






# About

The purpose of this project is to provide a cross platform library which can parse,

modify and abstract ELF, PE and MachO formats.

Main features:

  * **Parsing**: LIEF can parse ELF, PE, MachO, OAT, DEX, VDEX, ART and provides an user-friendly API to access to format internals.

  * **Modify**: LIEF enables to modify some parts of these formats

  * **Abstract**: Three formats have common features like sections, symbols, entry point... LIEF factors them.

  * **API**: LIEF can be used in C, C++ and Python

# Content

- [About](#about)

- [Download / Install](#downloads--install)

- [Getting started](#getting-started)

- [Documentation](#documentation)

  - [Sphinx](https://lief-project.github.io/doc/stable/index.html)

  - [Doxygen](https://lief-project.github.io/doc/latest/doxygen/index.html)

  - Tutorials:

    - [Parse and manipulate formats](https://lief-project.github.io/doc/latest/tutorials/01_play_with_formats.html)

    - [Create a PE from scratch](https://lief-project.github.io/doc/latest/tutorials/02_pe_from_scratch.html)

    - [Play with ELF symbols](https://lief-project.github.io/doc/latest/tutorials/03_elf_change_symbols.html)

    - [ELF Hooking](https://lief-project.github.io/doc/latest/tutorials/04_elf_hooking.html)

    - [Infecting the plt/got](https://lief-project.github.io/doc/latest/tutorials/05_elf_infect_plt_got.html)

    - [PE Hooking](https://lief-project.github.io/doc/latest/tutorials/06_pe_hooking.html)

    - [PE Resources](https://lief-project.github.io/doc/latest/tutorials/07_pe_resource.html)

    - [Transforming an ELF executable into a library](https://lief-project.github.io/doc/latest/tutorials/08_elf_bin2lib.html)

    - [How to use frida on a non-rooted device](https://lief-project.github.io/doc/latest/tutorials/09_frida_lief.html)

    - [Android formats](https://lief-project.github.io/doc/latest/tutorials/10_android_formats.html)

    - [Mach-O modification](https://lief-project.github.io/doc/latest/tutorials/11_macho_modification.html)

    - [ELF Coredump](https://lief-project.github.io/doc/latest/tutorials/12_elf_coredump.html)

    - [PE Authenticode](https://lief-project.github.io/doc/latest/tutorials/13_pe_authenticode.html)

- [Contact](#contact)

- [About](#about)

  - [Authors](#authors)

  - [License](#license)

  - [Bibtex](#bibtex)

## Downloads / Install

First, make sure to have an updated version of setuptools:

```console

pip install setuptools --upgrade

```

To install the latest **version** (release):

```console

pip install lief

```

To install nightly build:

```console

pip install [--user] --index-url https://lief.s3-website.fr-par.scw.cloud/latest lief==0.15.0.dev0

```

### Packages

- **Nightly**:

  * SDK: https://lief.s3-website.fr-par.scw.cloud/latest/sdk

  * Python Wheels: https://lief.s3-website.fr-par.scw.cloud/latest/lief

- **v0.14.0**: https://github.com/lief-project/LIEF/releases/tag/0.14.0

Here are guides to install or integrate LIEF:

  * [Python](https://lief-project.github.io/doc/latest/installation.html#python)

  * [VisualStudio](https://lief-project.github.io/doc/latest/installation.html#visual-studio-integration)

  * [XCode](https://lief-project.github.io/doc/latest/installation.html#xcode-integration)

  * [CMake](https://lief-project.github.io/doc/latest/installation.html#cmake-integration)

## Getting started

### Python

```python

import lief

# ELF

binary = lief.parse("/usr/bin/ls")

print(binary)

# PE

binary = lief.parse("C:\\Windows\\explorer.exe")

print(binary)

# Mach-O

binary = lief.parse("/usr/bin/ls")

print(binary)

```

### C++

```cpp

#include 

int main(int argc, char** argv) {

  // ELF

  if (std::unique_ptr elf = LIEF::ELF::Parser::parse("/bin/ls")) {

    std::cout << *elf << '\n';

  }

  // PE

  if (std::unique_ptr pe = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe")) {

    std::cout << *pe << '\n';

  }

  // Mach-O

  if (std::unique_ptr macho = LIEF::MachO::Parser::parse("/bin/ls")) {

    std::cout << *macho << '\n';

  }

  return 0;

}

```

### C (Limited API)

```cpp

#include 

int main(int argc, char** argv) {

  Elf_Binary_t* elf = elf_parse("/usr/bin/ls");

  Elf_Section_t** sections = elf->sections;

  for (size_t i = 0; sections[i] != NULL; ++i) {

    printf("%s\n", sections[i]->name);

  }

  elf_binary_destroy(elf);

  return 0;

}

```

## Documentation

* [Main documentation](https://lief-project.github.io/doc/latest/index.html)

* [Tutorial](https://lief-project.github.io/doc/latest/tutorials/index.html)

* [API](https://lief-project.github.io/doc/latest/api/index.html)

* [Doxygen](https://lief-project.github.io/doc/latest/doxygen/index.html)

## Contact

* **Mail**: contact at lief re

* **Discord**: [LIEF](https://discord.gg/7hRFGWYedu)

## About

### Authors

Romain Thomas ([@rh0main](https://twitter.com/rh0main)) - [Quarkslab](https://www.quarkslab.com)

### License

LIEF is provided under the [Apache 2.0 license](https://github.com/lief-project/LIEF/blob/0.14.0/LICENSE).

### Bibtex

```bibtex

@MISC {LIEF,

  author       = "Romain Thomas",

  title        = "LIEF - Library to Instrument Executable Formats",

  howpublished = "https://lief.quarkslab.com/",

  month        = "apr",

  year         = "2017"

}

```