Awesome Open Source
Awesome Open Source


The better strings utility for the reverse engineer.

elf-strings will programmatically read an ELF binary's string sections within a given binary. This is meant to be much like the strings UNIX utility, however is purpose built for ELF binaries.

This means that you can get suitable information about the strings within the binary, such as the section they reside in, the offset in the section, etc.. This utility also has the functionality to 'demangle' C++ symbols, iterate linked libraries and print basic information about the ELF.

This can prove extremely useful for quickly grabbing strings when analysing a binary.


alt text


git clone
cd elf-strings
go build


-binary string
    	the path to the ELF you wish to parse
    	demangle C++ symbols into their original source identifiers, prettify found C++ symbols (optional)
    	output the strings as a hexadecimal literal (optional)
    	show the linked libraries in the binary (optional)
  -max-count uint
    	the maximum amount of strings that you wish to be output (optional)
  -min uint
    	the minimum length of the string
    	disable color output in the results
    	don't validate that its a human readable string, this could increase the amount of junk.
    	don't show any information about the binary
    	disable triming whitespace and trailing newlines
    	show the offset of the string in the section (default, recommended) (default true)
  -output-file string
    	the path of the output file that you want to output to (optional)
  -output-format string
    	the format you want to output as (optional, plain/json/xml) (default "plain")


An example grabbing the strings from the echo utility.

./elf-strings --binary=/bin/echo --min=4 --max-count=10

[+] Size: 31 kB
[+] Arch: x86_64
[+] Entry point: 0x401800
[+] Class: ELFCLASS64
[+] Byte order: LittleEndian

[.dynstr+0xa]: fflush
[.dynstr+0x11]: __printf_chk
[.dynstr+0x1e]: setlocale
[.dynstr+0x28]: mbrtowc
[.dynstr+0x30]: strncmp
[.dynstr+0x38]: strrchr
[.dynstr+0x40]: dcgettext
[.dynstr+0x4a]: error
[.dynstr+0x50]: __stack_chk_fail

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
go (15,372
reverse-engineering (484
utility (227
golang-application (56
strings (51