Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
LIEF (Library to Instrument Executable Formats) is a cross-platform library for working with executable file formats, open-sourced by Quarkslab in 2017. Its goal is to parse, modify, and abstract mainstream binary formats such as ELF, PE, and Mach-O through a relatively friendly API, while also covering COFF and Android ecosystem formats including DEX, VDEX, OAT, and ART.
Based on the collected information, LIEF’s core value lies in being able to both parse and modify binaries. It supports basic reading and writing for ELF, Mach-O, and PE, and also provides more specialized capabilities such as adding sections/segments, modifying RPATH/RUNPATH, handling symbol versions, imports/exports, resources, TLS, debug information, PDB, and Authenticode. Documentation for the extended edition also mentions modules such as DWARF, Objective-C, Dyld Shared Cache, Disassembler, and Assembler. For tasks such as reverse engineering, security research, code injection, hooking, and patch generation, LIEF offers a more programmable entry point than simple dump tools.
LIEF is written in C++ and provides C++, Python, and Rust APIs. The documentation is available in both Sphinx and Doxygen formats, and separates Latest and Stable API docs, which is helpful for production engineering. Integration options cover SDKs, Python bindings, Rust, CMake, Visual Studio, Xcode, Docker, and CI. The ecosystem also includes Ghidra and BinaryNinja plugins, as well as the lief-patchelf tool. The documentation includes multiple hands-on tutorials, such as ELF Hooking, PLT/GOT infection, Mach-O modification, Android formats, and PE Authenticode, making it strongly practice-oriented.
The main content clearly states that LIEF was open-sourced in 2017, but does not provide a specific license. The site includes entry points for Sponsor and LIEF Extended information, but the captured content does not provide commercial pricing, subscriptions, payment methods, or support SLA details, so its commercial edition strategy cannot be determined.
Its strengths are broad format coverage, cross-platform support, mature multi-language bindings, and a clear documentation structure. It also supports build-time trimming; the text mentions that the ELF parser can be reduced to about 900KB on AArch64. The drawbacks are that binary formats themselves have a high learning curve, and some tutorials are marked Deprecated, so version differences should be checked before production use. LIEF is best suited for security researchers, reverse engineers, EDR/sandbox/scanner developers, and tooling teams that need to process executable files in bulk.
The collected content does not provide information about availability, mirrors, or downloads in mainland China, so china_access can only be marked as unknown. If access is unstable, users may consider using GitHub, package managers, or local source builds. Alternative tools can be selected by scenario, including radare2, Ghidra/Binary Ninja plugin capabilities, patchelf, pefile, pyelftools, and LLVM objcopy/objdump.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on lief.re official site.
lief.re is an France Dev Tools provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach lief.re directly.