Detailed pricing plans are not available yet for this tool.
IceBuddha - Projects - About Drop file here Check out Summit Route for end-point protection. About IceBuddha is an open-source (MIT license) hex viewer and generic binary file parser that runs in the browser. See an example. Why? I wanted to test the limits of what was possible in the browser from a static site. Because all the files are static (no database, and no server-side functionality) IceBuddha is hosted on github pages. Ridiculous things IceBuddha does "Submitted" files are not uploaded anywhere. Everything happens in your browser locally. If you're concerned, you can clone and host this project locally by running it in a simple web server, such as using "python -m SimpleHTTPServer" in the folder you clone the repo to. Files are parsed via >Python scripts that define the structure of the files. The python is converted to Javascript in your browser via the skulpt library. By clicking on the "Parse as" tab when you drop a file, you can see this Python code. You can then edit it, and your file will parsed again immediately using your new code. Again, this is all happening entirely in your browser without hitting the server. You can take your python parse scripts, and run them directly on files to generate JSON data, without using your browser, as explained here Similar projects/products 010 editor: Windows & Mac (commercial), odd format for binary templates to parse files, but looks similar to C structs and is often referenced. Synalize It!: Mac only (commercial); XML based grammar format which means limited capability for more advanced binary file formats. File parsing IceBuddha can parse a few of the main structures in the following file types: PE files (.exe, .dll, .sys) GIF image files Mach-O (Mac OS X files) Expanding and adding your own file parsing File types are automatically identified in drop.js via the function "ChooseParseScript". Look at pe.py to see an example of how files are parsed. Change the PE in the line ib = icebuddha.IceBuddha(filedata, "PE") to be name of your file type. The line imageDosHeader = ib.parse(0, "IMAGE_DOS_HEADER", """ creates a structure at offset 0 with name IMAGE_DOS_HEADER. Then the next lines in that file describe what is in that structure. Known variable types are: BYTE, CHAR, and anything unknown: 1 byte WORD: 2 bytes DWORD: 4 bytes ULONGLONG: 8 bytes You can also create arrays such as WORD e_res2[10]; ib is the root object, so we then append imageDosHeader to that. Later we append objects to imageDosHeader The line e_lfanew = imageDosHeader.getInt("e_lfanew") gets the value of PE.IMAGE_DOS_HEADER.e_lfanew in the file it parses, and sets the variable e_lfanew which is then used as the offset in the next line. Usually you can specify an offset simply by using something like imageNtHeader.end() to specify the end of the previous object. To describe a bit field, you can look at what I did for dllCharacteristics. Finally, you just need to return everything with the lines return ib.getParseTree() and parser = Parse() You can have loops, other functions, and other logic in your code, as shown in gif.py. You can also describe what a value means as shown with the function setMeaningFromConstants in the file mach_o.py You can set the endianness as shown with setBigEndian in the file mach_o.py Project status IceBuddha is mostly abandoned (last update on 2014-11-13). It does a lot of stuff, but a lot of things are impossible for a webapp based on static files (ex. saving files). This was my first javascript project. The codebase is not pretty. Code on github. Loadingclose --- IceBuddha - Projects - About Drop file here Check out Summit Route for end-point protection. About IceBuddha is an open-source (MIT license) hex viewer and generic binary file parser that runs in the browser. See an example. Why? I wanted to test the limits of what was possible in the browser from a static site. Because all the files are static (no database, and no server-side functionality) IceBuddha is hosted on github pages. Ridiculous things IceBuddha does "Submitted" files are not uploaded anywhere. Everything happens in your browser locally. If you're concerned, you can clone and host this project locally by running it in a simple web server, such as using "python -m SimpleHTTPServer" in the folder you clone the repo to. Files are parsed via >Python scripts that define the structure of the files. The python is converted to Javascript in your browser via the skulpt library. By clicking on the "Parse as" tab when you drop a file, you can see this Python code. You can then edit it, and your file will parsed again immediately using your new code. Again, this is all happening entirely in your browser without hitting the server. You can take your python parse scripts, and run them directly on files to generate JSON data, without using your browser, as explained here Similar projects/products 010 editor: Windows & Mac (commercial), odd format for binary templates to parse files, but looks similar to C structs and is often referenced. Synalize It!: Mac only (commercial); XML based grammar format which means limited capability for more advanced binary file formats. File parsing IceBuddha can parse a few of the main structures in the following file types: PE files (.exe, .dll, .sys) GIF image files Mach-O (Mac OS X files) Expanding and adding your own file parsing File types are automatically identified in drop.js via the function "ChooseParseScript". Look at pe.py to see an example of how files are parsed. Change the PE in the line ib = icebuddha.IceBuddha(filedata, "PE") to be name of your file type. The line imageDosHeader = ib.parse(0, "IMAGE_DOS_HEADER", """ creates a structure at offset 0 with name IMAGE_DOS_HEADER. Then the next lines in that file describe what is in that structure. Known variable types are: BYTE, CHAR, and anything unknown: 1 byte WORD: 2 bytes DWORD: 4 bytes ULONGLONG: 8 bytes You can also create arrays such as WORD e_res2[10]; ib is the root object, so we then append imageDosHeader to that. Later we append objects to imageDosHeader The line e_lfanew = imageDosHeader.getInt("e_lfanew") gets the value of PE.IMAGE_DOS_HEADER.e_lfanew in the file it parses, and sets the variable e_lfanew which is then used as the offset in the next line. Usually you can specify an offset simply by using something like imageNtHeader.end() to specify the end of the previous object. To describe a bit field, you can look at what I did for dllCharacteristics. Finally, you just need to return everything with the lines return ib.getParseTree() and parser = Parse() You can have loops, other functions, and other logic in your code, as shown in gif.py. You can also describe what a value means as shown with the function setMeaningFromConstants in the file mach_o.py You can set the endianness as shown with setBigEndian in the file mach_o.py Project status IceBuddha is mostly abandoned (last update on 2014-11-13). It does a lot of stuff, but a lot of things are impossible for a webapp based on static files (ex. saving files). This was my first javascript project. The codebase is not pretty. Code on github. Loadingclose --- IceBuddha - Projects - About IceBuddha Main site. Generic binary file parser. SlopFinder Checks for DEP/ASLR. Code on github. --- IceBuddha - Projects - About Motive The goal of IceBuddha is to become a general purpose binary file parser to help me learn some things and try out some ideas. I'm doing this because I think it's an interesting idea, and with no goal of financial gain (just street cred). Contact me Email me at 0xdabbad00 – at – gmail.com or read what I'm up to on my main site 0xdabbad00.com. Thank you! Thanks to the following projects/people for making this site possible: jqTree (Apache license) Allows me to show my tree view of the parsed data. jQuery.ScrollTo (MIT and GPL licenses) Makes the browser scroll. Waypoints (MIT and GPL licenses) Causes events to occur when you scroll. ACE editor (BSD license?) Code-editor. Eli Grey for FileSaver.js and BlobBuilder.js, which I use to download files (MIT/X11 license). skulpt (MIT license) In-browser Python to JavaScript compiler. PEG.js (MIT license) No longer used, but still appreciate them for it I was using it. Thanks in advance Bruno for writing my auto-complete code in his answer to my question on stackoverflow. Privacy Policy I don't collect any data. Everything is happening locally, client side on your system. It's all javascript and html, so I invite you to not only review my code on github, but host this site locally. Or better yet, fork it and send me fixes/features! Most of the site should work by just downloading it and browsing to it on your local hard-drive, even without a web server (some code does currently grab files from my server but I'm trying to figure out a smarter way to handle that). I host this site on amazon EC2 because most free hosting tracks users. I believe strongly in privacy, and frankly I'm too stupid to know how to profit from your use of this site. I do want to eventually incorporate some wiki capabilities into this site which will mean some server side code, but I still will refrain from sending home any data you are not specifically requesting my server receive. Code on github.
