Skip to content

A curated list of awesome binary analysis automation training, resources, and tools.

License

Notifications You must be signed in to change notification settings

user1342/Awesome-Binary-Analysis-Automation

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Awesome Binary Analysis Automation

A comprehensive list of tools and resources for automating binary analysis, vulnerability research, and reverse engineering using various techniques like machine learning, scripting, and static/dynamic analysis.

Awesome GitHub contributors GitHub Repo stars GitHub watchers GitHub last commit

How to Use

Awesome Binary Analysis Automation is an amazing list for people who work in taking apart binaries and firmware. Simply press ctrl + F to search for a keyword, go through our Contents Menu, or look out for a '☆' indicating some great and up-to-date resources.

Contents

Tools

Decompilers/ Disassemblers

  • IDA Pro - Advanced disassembler and reverse engineering tool with extensive scripting capabilities.
  • ☆ Ghidra - NSA's reverse engineering framework offering disassembly, decompilation, and scripting.
  • ☆ Binary Ninja - Known for its intuitive UI and powerful scripting capabilities for various binary analysis tasks.
  • ☆ Radare2 - Open-source framework for reverse engineering and binary analysis.
  • Hopper - Disassembler for macOS and Linux with decompiling and debugging capabilities.
  • Jakstab - Integrated disassembly and static analysis framework.
  • GTIRB - IR Binary analysis and rewriting data structure.

Automated Reverse Engineering

  • Firmware-Mod-Kit - Collection of scripts for modifying firmware images.
  • ☆ Binwalk - For firmware analysis, extraction, and reverse engineering.
  • Firmwalker - A script for searching the extracted firmware file system for goodies.
  • Srecord - Tools for manipulating EPROM load files.
  • Pharos - Carnegie Mellon University’s framework for automating reverse engineering tasks.
  • Triton - Dynamic Binary Analysis (DBA) framework.
  • Echo - Static analysis, symbolic execution, and emulation framework.
  • LIEF - Parses, modifies, and abstracts binary formats.
  • ☆ Monocle - Large Language Model For Binary Analysis Search.

Automated Vulnerability Detection

  • Fwanalyzer - Firmware security analysis.
  • ☆ Flawfinder - Tool for analyzing the entropy of firmware files.
  • Fdiff - Identifies potential security flaws in source code.
  • Checksec - Security checks for binaries.
  • Cwe_checker - Identifies common bug patterns in binaries.
  • Searchsploit - Command-line search tool for Exploit Database.
  • CVE Search - Searching for known vulnerabilities.
  • Exploitdb - An archive of public exploits and corresponding vulnerable software.
  • Dependency-check - A software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
  • BinSkim - Analyzes PE and ELF binary formats for security and correctness.

Automated Malware Detection

  • Yara - Malware detection and classification.

Emulation and Fuzzing

  • ☆ QEMU - Emulator for hardware virtualization used by EMBA for live testing modules.
  • Firmadyne - A full-system emulation tool for analyzing Linux-based firmware.
  • ☆ Unicorn Engine - CPU emulator framework used for binary analysis and vulnerability research.
  • AFL++ (American Fuzzy Lop) - Fuzzing framework for vulnerability discovery.
  • LibFuzzer - In-process fuzzing tool targeting specific functions.
  • DECAF - QEMU-based binary analysis platform.
  • DeepState - Framework for symbolic execution and fuzzing engines.
  • oss-fuzz-gen - LLM powered fuzzing via OSS-Fuzz.

Binary Feature Extraction

  • ☆ bin2ml - Extracting ML-ready data from software binaries.

Function Comparison and Diffing

  • FASER - Cross-Architecture Function Similarity Search Model.
  • ☆ Tweezer - Identifies unknown function names in binaries

Contributing

Your contributions are always welcome! Please read the contribution guidelines first. We follow the Contributor Covenant Code of Conduct. Please make sure to review and adhere to this code of conduct when contributing.

Licence GitHub

This project is licensed under the MIT License - see the LICENSE.md file for details.

About

A curated list of awesome binary analysis automation training, resources, and tools.

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks