the-backdoor-factory VS LIEF

I don't think this argument holds much substance. FOSS developers are absolutely not lost without the source - they just share the fruit of their labor under FOSS licenses. In fact there's a good chunk of work being done black-box style: WINE, many of the drivers, game modding, hell here's a random FOSS binary patcher[0]. So FOSS developers don't seem to be lost without the source.

[0] https://github.com/secretsquirrel/the-backdoor-factory

My team is working on this problem in the context of creating Node.js single-executable applications. While the naive approach of just appending data at the end of the binary works, it is not friendly with code-signature in macOS and Windows given that signing operates on PE and Mach-O sections.

We have recently open-sourced a small tool called Postject (https://github.com/postmanlabs/postject), which is able to inject arbitrary data as proper ELF/Mach-O/PE sections for all major operating systems (with AIX support coming). The tool also provides C/C++ cross-platform headers for easily traversing the final binary and introspect whether the segment is present or not.

The tool is based on the LIEF (https://github.com/lief-project/LIEF) project.

At Postman, we are making use of this on our custom Node.js single-executable applications and soon on our custom Electron.js builds too.

https://github.com/lief-project/LIEF https://lief-project.github.io/doc/latest/api/python/index.html

Bintropy: Entropy-based packing detection featuring multiple modes (whole binary, per section or segment). Based on the awesome LIEF library, therefore supports ELF, PE, Mach-O.

I've been looking at LIEF toolkit for similar purposes (https://github.com/lief-project/LIEF). It's a python framework for cross platform binary analysis. I'm curious, does rabin2 support dll format?