$ ./ROPgadget.py -h
usage: ROPgadget.py [-h] [-v] [--binary <binary>] [--opcode <opcodes>]
                    [--string <string>] [--memstr <string>] [--depth <nbyte>]
                    [--only <key>] [--filter <key>] [--range <start-end>]
                    [--thumb] [--payload] [--console] [--norop] [--nojop]
                    [--nosys]

description:
  ROPgadget lets you search your gadgets on a binary. It supports several 
  file formats and architectures. 

formats supported: 
  - ELF
  - PE
  - Mach-O 

architectures supported:
  - x86
  - x86-64
  - ARM

optional arguments:
  -h, --help           show this help message and exit
  -v, --version        Display the ROPgadget's version
  --binary <binary>    Specify a binary filename to analyze
  --opcode <opcodes>   Searh opcode in executable segment
  --string <string>    Search string in readable segment
  --memstr <string>    Search each byte in all readable segment
  --depth <nbyte>      Depth for search engine (default 10)
  --only <key>         Only show specific instructions
  --filter <key>       Suppress specific instructions
  --range <start-end>  Search between two addresses (0x...-0x...)
  --thumb              Use the thumb mode for the search engine. (ARM only)
  --payload            Enable ROP chain generation
  --console            Use an interactive console for search engine
  --norop              Disable ROP search engine
  --nojop              Disable JOP search engine
  --nosys              Disable SYS search engine

examples:
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --payload
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --depth 3
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --string "main"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --string "m..n"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --opcode c9c3
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --only "mov|ret"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --only "mov|pop|xor|ret"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --filter "xchg|add|sub"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --norop --nosys
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --range 0x08041000-0x08042000
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --string main --range 0x080c9aaa-0x080c9aba
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --memstr "/bin/sh"
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --console
  ROPgadget.py --binary ./test-suite-binaries/elf-Linux-ARMv7-ls --depth 5