LIEF: Library to Instrument Executable Formats

This project aims to provide a cross platform library to parse, modify and abstract ELF, PE and MachO formats.

Download Documentation

LIEF Architecture

Powered by Quarkslab

ionicons-v5_logos

Abstraction

Executable file formats share common features like symbols, relocations, or entry-point. LIEF provides an abstraction on these features to deal with executable features regardless of their underlying format.

LIEF Abstraction
LIEF Enhanced API

Enhanced API

Whilst the LIEF's core is written in C++, it exposes a C++11 interface with Python bindings. A subset of the API is also exposed in C.

Parse & Modify

LIEF enables, to some extent, to modify formats like adding new sections or changing the symbol's name. All the modifications are done without relying on a disassembler.

LIEF Parse & Modify