elfcat
Kaitai Struct
Our great sponsors
elfcat | Kaitai Struct | |
---|---|---|
3 | 44 | |
915 | 3,830 | |
- | 1.6% | |
0.0 | 7.5 | |
about 1 year ago | 12 days ago | |
Rust | Shell | |
zlib License | GPL-3.0-or-later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
elfcat
- Elfcat: ELF binary visualizer generating HTML
-
Elfcat: Visualize ELF Binaries
> I'm surprised this is written in Rust and doesn't use the object crate--did the author do this in part to learn how elf works?
No. When I started the project I was expecting to just read data into the ELF structs, in style of C. (Un)fortunately, it's not possible to do safely, so I started looking into crates to do that, and was stumbling upon data deserialization ones, in particular, the first attempt was in nom. In hindsight, that wasn't particularly smart, and specific object-file-parsing ones would be better. I don't regret implementing reading manually, despite it looking pretty ugly, because attending to NIH syndrome is fun.
> Speaking of visualizing virtual memory, one of the things that I haven't seen a nice prior tool for is breaking down the memory map of a process on a per-section basis
That is planned. It's noted in readme, and in issue #3 I go over how it can look like[1].
[1]: https://github.com/ruslashev/elfcat/issues/3#issuecomment-86...
Kaitai Struct
- Reverse-engineering an encrypted IoT protocol
-
Parsing an Undocumented File Format
- ImHex [2], which has a pattern language [3] which allows parsing, and it seems more powerful than what Kaitai offers. I stumbled upon some limitations with it but it was still useful.
[1]: https://kaitai.io/
- Kaitai Struct – a declarative language used to describe binary data structures
-
HTTPie Desktop: cross-platform API testing client for humans
Beautiful. Didn't know something like this exists. Reminds me of Katai[0]
[0]. https://kaitai.io/
-
Hacking the LG Monitor's EDID
An EDID override like this would be helpful for macOS as well, where the monitors swapping around after standby is a real annoyance [0] [1]
EDID rewrites are 99% of the time blocked by the monitor firmware: https://notes.alinpanaitiu.com/Decoding-monitor-EDID-on-macO...
By the way, one helpful tool that helped me navigate the EDID dump was Kaitai Struct [2]. It shows a side by side view with the hex view and the EDID structure, and it highlights the hex values in real time as you navigate the structure. Unfortunately [3] it doesn't support the extension blocks that the author needs.
[0] https://notes.alinpanaitiu.com/Weird-monitor-bugs
[1] https://forums.macrumors.com/threads/external-displays-swapp...
[2] https://kaitai.io/
[3] https://github.com/kaitai-io/edid.ksy
- Kaitai Struct: new way to develop parsers for binary structures
-
Fq: Jq for Binary Formats
Kaitai Struct might be a good choice for that: https://kaitai.io/
-
Ingesting, parsing and making sense of device log data
For binary log format, there's the excellent Kaitai Struct frameworks, that make it very easy to generate parsers from a declarative schema
-
What is this tool? More info in comments
kaitai
-
Visual Programming with Elixir: Learning to Write Binary Parsers (2019)
https://kaitai.io/
Worth a look if you are writing binary parsers.
What are some alternatives?
rizin - UNIX-like reverse engineering framework and command-line toolset.
Protobuf - Protocol Buffers - Google's data interchange format
gpg-decoder - A port of the awesome ASN.1 Javascript Decoder for GPG messages
csvkit - A suite of utilities for converting to and working with CSV, the king of tabular file formats.
veles - Binary data analysis and visualization tool
Camelot - A Python library to extract tabular data from PDFs
tablib - Python Module for Tabular Datasets in XLS, CSV, JSON, YAML, &c.
PDFMiner - Python PDF Parser (Not actively maintained). Check out pdfminer.six.
PyYAML
Scopt - command line options parsing for Scala
Fast Parse - Writing Fast Parsers Fast in Scala