Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mauricelambert/elfanalyzer

This module parses and analyzes ELF file for Forensic and investigations.
https://github.com/mauricelambert/elfanalyzer

analysis elf elf-analyzer elf-parser forensic-analysis forensics investigations malware-analysis

Last synced: about 2 months ago
JSON representation

This module parses and analyzes ELF file for Forensic and investigations.

Host: GitHub
URL: https://github.com/mauricelambert/elfanalyzer
Owner: mauricelambert
License: gpl-3.0
Created: 2023-08-31T19:11:59.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-09-06T10:39:42.000Z (over 1 year ago)
Last Synced: 2023-12-07T14:01:37.069Z (about 1 year ago)
Topics: analysis, elf, elf-analyzer, elf-parser, forensic-analysis, forensics, investigations, malware-analysis
Language: Python
Homepage:
Size: 32.2 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

README

        # ElfAnalyzer

## Description

This module parses and analyzes ELF file for Forensic and investigations.

Parses:

 - ELF identification

 - ELF headers

 - Program headers

 - ELF sections

 - ELF symbols tables

 - Comment section

 - Note sections

 - Dynamic section

## Requirements

This package require:

 - python3

 - python3 Standard Library

### Optional

 - matplotlib

 - EntropyAnalysis

> *Matplotlib* and *EntropyAnalysis* are not installed by *ProgramExecutableAnalyzer* because this package can be installed on server without GUI.

> You can install optinal required packages with the following command: `python3 -m pip install matplotlib EntropyAnalysis`

## Installation

```bash

python3 -m pip install ElfAnalyzer

```

```bash

git clone "https://github.com/mauricelambert/ElfAnalyzer.git"

cd "ElfAnalyzer"

python3 -m pip install .

```

## Usages

### Command line

```bash

ElfAnalyzer              # Using CLI package executable

python3 -m ElfAnalyzer   # Using python module

python3 ElfAnalyzer.pyz  # Using python executable

ElfAnalyzer.exe          # Using python Windows executable

./ElfAnalyzer.pyz ./local/ElfFile

ElfAnalyzer.exe -u https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.so

./ElfAnalyzer.pyz -v ./local/ElfFile

python3 ElfAnalyzer.pyz -c ./local/ElfFile

```

### Python script

```python

from ElfAnalyzer import *

file = open("./local/ElfFile", "rb")

elfindent, elf_headers, programs_headers, elf_sections, symbols_tables, comments, note_sections, notes, dynamics, sections = parse_elffile(file)

cli(elfindent, elf_headers, programs_headers, elf_sections, symbols_tables, comments, notes, dynamics, sections)

file.close()

```

## Links

 - [Pypi](https://pypi.org/project/ElfAnalyzer)

 - [Github](https://github.com/user/ElfAnalyzer)

 - [Documentation](https://mauricelambert.github.io/info/python/security/ElfAnalyzer.html)

 - [Python executable](https://mauricelambert.github.io/info/python/security/ElfAnalyzer.pyz)

 - [Python Windows executable](https://mauricelambert.github.io/info/python/security/ElfAnalyzer.exe)

## License

Licensed under the [GPL, version 3](https://www.gnu.org/licenses/).