This module parses and analyzes ELF file for Forensic and investigations.
Project description
ElfAnalyzer
Description
This module parses and analyzes ELF file for Forensic and investigations.
Parses:
- ELF identification
- ELF headers
- Program headers
- ELF sections
- ELF symbols tables
- Comment section
- Note sections
- Dynamic section
Requirements
This package require:
- python3
- python3 Standard Library
Optional
- matplotlib
- EntropyAnalysis
Matplotlib and EntropyAnalysis are not installed by ProgramExecutableAnalyzer because this package can be installed on server without GUI. You can install optinal required packages with the following command:
python3 -m pip install matplotlib EntropyAnalysis
Installation
python3 -m pip install ElfAnalyzer
git clone "https://github.com/mauricelambert/ElfAnalyzer.git"
cd "ElfAnalyzer"
python3 -m pip install .
Usages
Command line
ElfAnalyzer # Using CLI package executable
python3 -m ElfAnalyzer # Using python module
python3 ElfAnalyzer.pyz # Using python executable
ElfAnalyzer.exe # Using python Windows executable
./ElfAnalyzer.pyz ./local/ElfFile
ElfAnalyzer.exe -u https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.so
./ElfAnalyzer.pyz -v ./local/ElfFile
python3 ElfAnalyzer.pyz -c ./local/ElfFile
Python script
from ElfAnalyzer import *
file = open("./local/ElfFile", "rb")
elfindent, elf_headers, programs_headers, elf_sections, symbols_tables, comments, note_sections, notes, dynamics, sections = parse_elffile(file)
cli(elfindent, elf_headers, programs_headers, elf_sections, symbols_tables, comments, notes, dynamics, sections)
file.close()
Links
License
Licensed under the GPL, version 3.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
ElfAnalyzer-0.0.3.tar.gz
(30.3 kB
view hashes)
