elfGetArgs is a CLI tool for analyzing ELF (Executable and Linkable Format) files, specifically designed to extract argument information of specified functions.
It is useful for static analysis, reverse engineering, and security research.
Clone the repository:
git clone https://github.com/MercuryNearTheMoon/elfGetArgs.gitTo compile the project:
cd elfGetArgs
go build .You can run elfGetArgs via Docker without installing Go locally.
cd elfGetArgs
docker build -t elfgetargs .docker run --rm \
-v /path/to/binaries:/target \
-v /path/to/output:/app/output \
elfgetargs \
-p /target -A amd64 -f open -a 0 -o /app/output/output.csv -w 4Replace /path/to/binaries with the directory containing ELF files,
and /path/to/output with the directory where you want to save the output CSV.
Main command-line flags:
Usage of ./elfGetArgs:
Required flags:
-p, --path string Target directory or file to scan
-A, --arch string Target architecture (amd64, arm64)
-f, --func string Function name to search (can repeat, at least one required)
-a, --arg int Argument index for corresponding function (can repeat, start from 0, at least one required)
Optional flags:
-o, --out string Output CSV file (optional)
-w, --worker int Number of workers (optional, default 4)
./elfGetArgs -p ./binaries -A amd64 -f open -a 0 -o output.csv -w 8This scans the ./binaries directory for ELF files, looks for the first argument of the open function, outputs results to output.csv, and uses 8 worker threads.