Merge Format Characteristics
LIEF is designed to factor common characteristics in the formats like entry point, sections, symbols...
The purpose of this project is to provide a cross platform library to parse, modify and abstract ELF, PE and MachO formats.
It turns out that many projects need to parse executable formats and they usually re-implement their own parser.
Moreover these parsers are usually bound to one language.
LIEF attempts to fill this void.
Merge Format Characteristics
LIEF is designed to factor common characteristics in the formats like entry point, sections, symbols...
Code injection
LIEF provides APIs to inject code or data into a binary. This injection could be used to hook some functions or to redirect control flow.
Python/C++/C API
Parse PE Authenticode
Cross formats nm
... in 4 lines
The following snippet prints binary symbols as nm would do.
Thanks to LIEF abstraction, this script works for PE, ELF as well as MachO formats.
import lief
binary = lief.parse("elf_pe_macho_file")
for symbol in binary.symbols:
print(symbol)
# PE
__imp__GetStartup... 128
__IAT_end__ 1d4
# ELF
__ctype_toupper_loc FUNC
__uflow FUNC
# MachO
_write EXT
dyld_stub_binder EXT
Linux version (64-bits)
0.7.0
OSX version (64-bits)
0.7.0
Source
master
LIEF is currently developed and sponsored by Quarkslab under the Apache 2.0 license.
