Main features:
- Parse FAT/universal binaries and individual slices
- Full code signature analysis (8 commands: entitlements, certificates, CDHash, notarization, etc.)
- Tree visualization of segments/sections
- Hexdump (absolute, relative, load command)
- String extraction with grep filtering
- JSON export
Currently supports 24 load commands including the newer LC_DYLD_CHAINED_FIXUPS and LC_DYLD_EXPORTS_TRIE.
I'm building this as the main tool for my reverse engineering course (bytearchitect.io) – eating my own dog food.
Universal binary (ARM64 + x86_64), signed and notarized.
Feedback welcome. What analysis features would you find useful?