https://github.com/z0mb13w4r/objtools

These tools were originally designed to be a research project and drop-in replacement for readelf, objcopy and objdump utilising Capstone disassembly framework.
https://github.com/z0mb13w4r/objtools

arm armv7 binary-analysis disassembly elf-format exploit-development fuzzy-hashing intel malware-analysis pe-format research-tool reverse-engineering risc-v security-tools static-analysis x86 x86-64

Last synced: about 2 months ago
JSON representation

These tools were originally designed to be a research project and drop-in replacement for readelf, objcopy and objdump utilising Capstone disassembly framework.

• Host: GitHub
• URL: https://github.com/z0mb13w4r/objtools
• Owner: z0mb13w4r
• License: mit
• Created: 2025-01-25T13:24:20.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2026-01-26T18:05:13.000Z (2 months ago)
• Last Synced: 2026-01-27T06:07:14.375Z (about 2 months ago)
• Topics: arm, armv7, binary-analysis, disassembly, elf-format, exploit-development, fuzzy-hashing, intel, malware-analysis, pe-format, research-tool, reverse-engineering, risc-v, security-tools, static-analysis, x86, x86-64
• Language: C
• Homepage:
• Size: 1.99 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# objtools-ng

These tools were originally designed as a research project for industrial control systems (ICSs) and a drop-in replacement for readelf, objcopy, and objdump, utilising the Capstone disassembly framework. The project then began to grow into a collection of tools for malware and binary analysis supporting x86, ARM, ARM Thumb, AARCH64, MIPS and RISC-V architectures.

**convert-ng** is a Swiss Army Knife for manipulating data in complex ways using operations, xor, addition, subtraction, logical shifts and rotations, base32, base58, base64, base85 and vigeneree cipher.

**objcopy-ng** copies the contents of an object file to another using the GNU BFD Library to readand write the object files. It can write the destination object file in a format different from that of the source object file.

**objdump-ng** displays information about one or more object files. This information is useful to malware researchers and binary analysis, as this utility is lightweight compared to many commercial applications (x86, ARM, AARCH64, MIPS and RISC-V).

**objdwarf-ng** displays the dwarf information about one or more ELF format object files in standard and enhanced formats.

**objhash-ng** generates hashes of ELF format object files for malware detection and digital forensics. The utility is capable of fuzz-hashing and context-triggered piecewise hashing.

**readelf-ng** displays information about one or more ELF format object files.

**readpe-ng** displays information about one or more PE format object files.

### Support ###

If you can contribute or you want to, feel free to do it at [PayPal](https://www.paypal.com/ncp/payment/L6UQHUDXKSHTC), I will be really thankful for anything, even if it is a coffee, because that helps me a lot to know that you care:)

If you find this project useful and would like to keep it maintained, new features added and a regular release cycle. Then, could you think about sponsorship at [PayPal](https://www.paypal.com/ncp/payment/2DAZRCQM7MDFG).

### Dependencies ###

https://github.com/capstone-engine/capstone - BSD license

https://github.com/ssdeep-project/ssdeep - GPL-2.0 license

https://github.com/davea42/libdwarf-code - LGPL license

### License ###

objtools-ng is published under the MIT license.