like ~~grep~~ UBER, but for binaries

Elf binary parsing utility written in Go.

ELF library dependency viewer

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

DIE engine

Painless relocation of Linux binaries–and all of their dependencies–without containers.

A True Instrumentable Binary Emulation Framework

Reverse engineering framework in Python

A collection of programs that access and manipulate ELF files.

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

Cuckoo Sandbox Dockerfile

ld-linux code injector

Cuckoo Sandbox is an automated dynamic malware analysis system

A list of Reverse Engineering articles, books, and papers

Linux Malware Sample Archive including various types of malicious ELF binaries and viruses. Be careful!

Simple ELF crypter. Uses RC4 encryption.

TeamTNT 挖矿病毒样本备份

Exploit Development and Reverse Engineering with GDB Made Easy

Native Ghidra Decompiler for r2

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Obfuscates dynamic symbol table

PyInstaller Extractor

awesome-linux-rootkits

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

LLVM Obfuscator

Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary

Ghidra is a software reverse engineering (SRE) framework

upx变种