Need help with egalito?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

147 Stars 21 Forks GNU General Public License v3.0 1.8K Commits 8 Opened issues


Self-hosting binary instrumentation framework for security research

Services available


Need anything else?

Contributors list

Egalito is a binary recompiler, designed for implementing security hardening. It uses a low-level intermediate representation (EIR or Chunk) that accurately reflects all aspects of a program binary. Egalito uses metadata present in modern position-independent binaries to turn all cross-references into EIR Links, allowing code to be arbitrarily rearranged without additional overhead. Output generation in the form of ELFs or union ELFs is supported, and Egalito provides a custom loader that allows it to bootstrap into a fully self-hosted environment (parsing and transforming

Egalito supports x86_64 and aarch64, with experimental support for RISC-V.

For more information, please visit:

To build: $ sudo apt-get install make g++ libreadline-dev gdb lsb-release unzip $ sudo apt-get install libc6-dbg libstdc++6-7-dbg # names may differ $ git submodule update --init --recursive $ make -j


To test, try: $ cd test/codegen && make && cd - $ cd app && ./etelf -m ../src/ex/hello hello && ./hello && cd - $ cd src && ./loader ex/hello && cd - $ cd app && ./etshell

Other extensions: - Python bindings and Python shell: see app/README-python - Docker: see test/docker/

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.