readelfmaster

A reimplementation of GNU readelf, using Ryan O'Neill's innovative library, libelfmaster.

This is a project so that I can both learn the libelfmaster library functionality better while contributing to the community. I have found this program useful in my own binary analysis during CTFs.

Begin by following the installation instructions for libelfmaster. You will need to include the libelfmaster header file as well as compile readelfmaster against the static libelfmaster.a library produced upon successful compilation of libelfmaster.

As we can see, readelf has no problem displaying the section headers of an ordinary binary:

However, malware authors will often attempt to make analysis of their software more difficult. One way is to strip the unneeded section headers:

libelfmaster comes with the ability to reconstruct section headers, among other innovative functionality. Read more at the libelfmaster Github page.