LIEF VS peid

Compare LIEF vs peid and see what are their differences.

LIEF

LIEF - Library to Instrument Executable Formats (by lief-project)
Reverse Engineering malware-analysis binary-analysis Parser modification executable-formats elf macho pe lief Parsing SDK Python Android Dex oat Art vdex
Source Code
lief-project.github.io
Suggest alternative
Edit details

peid

Python implementation of the Packed Executable iDentifier (PEiD) (by packing-box)
peid peid-signature pe-file pe-files pe-format signature-detection Python entrypoint packing-detection executable-packing malware-packers malware-analysis malware-research binary-analysis research-tools
Source Code
Suggest alternative
Edit details
InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors
LIEF peid
4 1
4,137 117
1.9% 3.4%
9.4 5.0
17 days ago 3 months ago
C++ Python
Apache License 2.0 GNU General Public License v3.0 only
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

LIEF

Posts with mentions or reviews of LIEF. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-07-26.
  • What's the Most Portable Way to Include Binary Blobs in an Executable?
    5 projects | news.ycombinator.com | 26 Jul 2022
    My team is working on this problem in the context of creating Node.js single-executable applications. While the naive approach of just appending data at the end of the binary works, it is not friendly with code-signature in macOS and Windows given that signing operates on PE and Mach-O sections.

    We have recently open-sourced a small tool called Postject (https://github.com/postmanlabs/postject), which is able to inject arbitrary data as proper ELF/Mach-O/PE sections for all major operating systems (with AIX support coming). The tool also provides C/C++ cross-platform headers for easily traversing the final binary and introspect whether the segment is present or not.

    The tool is based on the LIEF (https://github.com/lief-project/LIEF) project.

    At Postman, we are making use of this on our custom Node.js single-executable applications and soon on our custom Electron.js builds too.

  • Pefile python module features
    2 projects | /r/Malware | 17 Mar 2022
    https://github.com/lief-project/LIEF https://lief-project.github.io/doc/latest/api/python/index.html
  • Collection of tools for executable packing detection
    6 projects | /r/Malware | 15 Jan 2022
    Bintropy: Entropy-based packing detection featuring multiple modes (whole binary, per section or segment). Based on the awesome LIEF library, therefore supports ELF, PE, Mach-O.
  • rabin2 for scraping ELF to JSON
    2 projects | /r/ELFLinking | 16 Oct 2021
    I've been looking at LIEF toolkit for similar purposes (https://github.com/lief-project/LIEF). It's a python framework for cross platform binary analysis. I'm curious, does rabin2 support dll format?

peid

Posts with mentions or reviews of peid. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-01-15.
  • Collection of tools for executable packing detection
    6 projects | /r/Malware | 15 Jan 2022
    PEiD (Python version): Yet another version of it (I found a few others, but always with an outdated userdb.txt), but with a userdb.txt merged from various repositories and an additional tool for making new signatures.

What are some alternatives?

When comparing LIEF and peid you can also consider the following projects:

dll-proxy-generator - Creates a proxy dll which sits between the game and original dll

bintropy - Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

radare2 - UNIX-like reverse engineering framework and command-line toolset

pe-bear-releases - PE-bear (builds only)

tree-sitter-html - HTML grammar for Tree-sitter

PyPackerDetect - A malware dataset curation tool which helps identify packed samples.

pe - A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

pyhidra - Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

vivaldi_modding - Custom modifications for Vivaldi web browser.

machofile - machofile is a module to parse Mach-O binary files

pev - The PE file analysis toolkit

LIEF vs dll-proxy-generator peid vs bintropy LIEF vs radare2 peid vs pe-bear-releases LIEF vs tree-sitter-html peid vs PyPackerDetect LIEF vs pe peid vs pyhidra LIEF vs vivaldi_modding peid vs machofile LIEF vs bintropy peid vs pev