About Egalito

Egalito is a binary recompiler that can fully disassemble, transform, and regenerate ordinary Linux binaries. Unlike a typical binary rewriter, Egalito fully understands all code and code pointers in a binary. It can incorporate arbitrary modifications to the code the same way a linker does, by simply recomputing a new program layout.

Egalito derives its name from the term egalitarian, since it treats its own code like any other. In fact, it is general enough to support transforming itself, injecting itself at runtime, and dynamic binary recompilation. Egalito is designed for binary hardening, implementing security mechanisms that may have been disabled at compile-time or may be unavailable in compilers. However, it has many other potential uses, including performance profiling, debugging, and hot-patching.

Getting Started

Egalito is GPL v3 licensed and can be found on GitHub and pre-installed on a VM. It appeared as a publication in ASPLOS 2020 (preprint). Please feel free to contact us at help at egalito dot org.

If you are new to Egalito, check out our tutorial!