unblob vs hyperscan

Our great sponsors

InfluxDB - Power Real-Time Data Analytics at Scale

WorkOS - The modern identity platform for B2B SaaS

SaaSHub - Software Alternatives and Reviews

Our great sponsors

unblob		hyperscan
	Project
16	Mentions	25
2,054	Stars	4,629
2.5%	Growth	1.0%
9.5	Activity	2.0
about 13 hours ago	Latest Commit	5 months ago
Python	Language	C++
GNU General Public License v3.0 or later	License	GNU General Public License v3.0 or later

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

unblob

Posts with mentions or reviews of unblob. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-02-14.

Reverse-engineering an encrypted IoT protocol
8 projects | news.ycombinator.com | 14 Feb 2024
How are zlib, gzip and zip related?
3 projects | news.ycombinator.com | 27 Nov 2023

If you are interested in implementation details, how to unpack/decompress them, check out these Python implementations:
- https://github.com/onekey-sec/unblob/blob/main/unblob/handle...
- https://github.com/onekey-sec/unblob/blob/main/unblob/handle...
- https://github.com/onekey-sec/unblob/blob/main/unblob/handle...
GNU poke: The extensible editor for structured binary data
9 projects | news.ycombinator.com | 1 Mar 2023
unblob: Extract files from any kind of container formats
1 project | /r/blueteamsec | 28 Jan 2023
FLiP Stack Weekly for 21 Jan 2023
19 projects | dev.to | 23 Jan 2023

Extract all the things https://unblob.org/
Show HN: Unblob – extraction suite for 30+ file formats
1 project | /r/patient_hackernews | 18 Jan 2023

1 project | /r/hackernews | 18 Jan 2023

1 project | /r/hypeurls | 18 Jan 2023

10 projects | news.ycombinator.com | 18 Jan 2023

and the initial work they already merged: https://github.com/onekey-sec/unblob/pull/475
Show HN: Unblob – accurate, fast, and easy-to-use extraction suite
1 project | news.ycombinator.com | 9 Nov 2022

hyperscan

Posts with mentions or reviews of hyperscan. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-03-06.

Ask HN: Regex on a File or Stream
2 projects | news.ycombinator.com | 6 Mar 2024

Maybe some other PCRE-compatible implementation offers streaming. For instance, https://www.intel.com/content/www/us/en/developer/articles/t... says it has this feature, but of course given who it's from it may be tied to a single brand of CPU.
github seems to be https://github.com/intel/hyperscan
Aho-Corasick Algorithm
3 projects | news.ycombinator.com | 4 Mar 2024
Stop deploying web application firewalls
1 project | news.ycombinator.com | 13 Nov 2023

I think of WAFs as an extra safety net. Defense in depth.
The author complained about the performance cost of WAFs in general, but not all WAFs have be structured like ModSecurity. They could for example be based on something like https://github.com/intel/hyperscan and perf is at a very different level.
Be careful of the examples you use. They stick
2 projects | news.ycombinator.com | 22 Aug 2023

Another example of old timey Unix code just breaking things in minor point releases. See https://abi-laboratory.pro/index.php?view=changelog&l=glibc&... and https://github.com/intel/hyperscan/issues/359.
hypergrep: A new "fastest grep" to search directories recursively for a regex pattern
9 projects | /r/cpp | 7 Jun 2023
Accelerating Regular Expressions with AVX-512 at 1.5 GB/s/core
2 projects | news.ycombinator.com | 22 May 2023
GitHub push protection is free for all public repositories
1 project | news.ycombinator.com | 10 May 2023

It’s a bespoke scanning setup designed to deal with GitHub’s scale. Under the hood it’s using Intel’s hyperscan as the regex engine.
https://github.com/intel/hyperscan
RE2 VS hyperscan - a user suggested alternative
2 projects | 17 Mar 2023

Hyperscan is an Intel regular expression library.
hyperscan VS RE2 - a user suggested alternative
2 projects | 17 Mar 2023
Show HN: Unblob – extraction suite for 30+ file formats
10 projects | news.ycombinator.com | 18 Jan 2023

We are using hyperscan [3] instead of grepping byte sequences with Python, which is orders of magnitudes faster. It can also handle 4Gb+ files because of this which binwalk cannot.
It's used for a year now in production and it's way more precise and faster than binwalk. We are getting less false-positives too, and even if unblob fails to extract everything, we still get meaningful information out of firmwares, where binwalk just failed with no output previously.
[1]: https://github.com/onekey-sec/unblob/blob/main/unblob/handle...
[2]: https://github.com/onekey-sec/unblob/blob/main/unblob/proces...
[3]: https://github.com/intel/hyperscan

What are some alternatives?

When comparing unblob and hyperscan you can also consider the following projects:

binwalk - Firmware Analysis Tool

regex-benchmark - It's just a simple regex benchmark of different programming languages.

EMBA - EMBA - The firmware security analyzer

go - The Go programming language

dtrx - Do The Right Extraction

lunatic - Lunatic is an Erlang-inspired runtime for WebAssembly

append-zip - append a file into an existing zip file, overwriting the existing file of the same name if needed

Rusoto - AWS SDK for Rust

python-btrfs - Python Btrfs module

sqlx - 🧰 The Rust SQL Toolkit. An async, pure Rust SQL crate featuring compile-time checked queries without a DSL. Supports PostgreSQL, MySQL, and SQLite.

binspector - A binary format analysis tool

RE2 - RE2 is a fast, safe, thread-friendly alternative to backtracking regular expression engines like those used in PCRE, Perl, and Python. It is a C++ library.