Top 23 binary-analysis Open-Source Projects
-
Project mention: Introducing YaRadare - YARA scanning for cloud-native apps (containers) | reddit.com/r/cybersecurity | 2022-07-07
-
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
Project mention: A powerful open-source toolkit for hackers and security automation | news.ycombinator.com | 2022-07-15
-
Project mention: Detect It Easy 3.05 Program for determining types of files for Windows, Linux and MacOS. | reddit.com/r/ReverseEngineering | 2022-06-16
-
Project mention: What's the Most Portable Way to Include Binary Blobs in an Executable? | news.ycombinator.com | 2022-07-26
My team is working on this problem in the context of creating Node.js single-executable applications. While the naive approach of just appending data at the end of the binary works, it is not friendly with code-signature in macOS and Windows given that signing operates on PE and Mach-O sections.
We have recently open-sourced a small tool called Postject (https://github.com/postmanlabs/postject), which is able to inject arbitrary data as proper ELF/Mach-O/PE sections for all major operating systems (with AIX support coming). The tool also provides C/C++ cross-platform headers for easily traversing the final binary and introspecting whether the segment is present or not.
The tool is based on the LIEF (https://github.com/lief-project/LIEF) project.
At Postman, we are making use of this on our custom Node.js single-executable applications and soon on our custom Electron.js builds too.
-
Project mention: A Comprehensive Guide on Web3 Programming Languages and Tools | dev.to | 2022-06-06
MythX, Mythril, Manticore, and Echidna are other tools for security audits.
-
Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. (by JonathanSalwan)
Triton - Dynamic Binary Analysis (DBA) framework.
-
mcsema
Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode
Project mention: fcd – LLVM-based native program optimizing decompiler | news.ycombinator.com | 2022-05-01
-
-
Project mention: Any standard algorithms for parsing (disassembling) machine code? | reddit.com/r/compsci | 2022-05-13
BAP (https://github.com/binaryanalysisplatform/bap), angr (https://angr.io/) and others already do what you're asking for as more purpose-built solutions for dynamic analysis. Angr specifically in python.
-
Project mention: OFRAK (Open Firmware Reverse Analysis Konsole): a recently released new tool for analysing embedded firmware | reddit.com/r/ReverseEngineering | 2022-08-11
-
-
Project mention: Detect It Easy, or abbreviated "DIE" is a program for determining types of files and more | reddit.com/r/CKsTechNews | 2021-11-14
-
Project mention: BinAbsInspector: BinAbsInspector: Vulnerability Scanner for Binaries | reddit.com/r/CKsTechNews | 2022-04-20
-
Project mention: [ANN] yabridge 4.0, with chainloading, an overhauled backend, and many user experience improvements | reddit.com/r/linuxaudio | 2022-06-09
On the backend side, a lot has changed. The biggest change is that the dependency on Boost has been completely removed, and everything has been reworked accordingly. This should make packaging easier, as yabridge now no longer depends on any system library other than the basic libraries needed to interact with X11. Some parts of Boost have been replaced by other headers-only libraries, while other parts now simply use custom implementations. All of this is explained in more detail in the 'Packaging notes' section of the changelog. Yabridgectl also lost its dependency on winedump, at least in most cases. It now tries to parse plugin libraries directly using the goblin binary parsing library. This should also speed up the syncing process. I did, however, run into one plugin that this new parser couldn't handle. If that happens then winedump will still be used instead.
-
cwe_checker - cwe_checker finds vulnerable patterns in binary executables.
-
E9AFL uses E9Patch (https://github.com/GJDuck/e9patch) to insert the AFL instrumentation via static binary rewriting.
-
As I said, a regular text editor won’t do for reading a binary file, so I needed to choose a disassembler to break the challenge binaries out into their basic blocks. I chose to use Binary Ninja because it has a very easy-to-use Python API, and it’s hobbyist-level cheap (for comparison, the industry-standard disassembler is IDA Pro, which they will sell to you for roughly an arm, and continue to pick off your fingers and toes with renewal fees). I began by writing a quick script to go through a single binary and print out the opcodes it encountered in each block, just to validate that I was able to acquire the data I wanted.
-
Project mention: Omnitrace: New Performance Analysis Tool for CPUs and GPUs by AMD Research | reddit.com/r/cpp | 2022-07-25
I think I actually saw the GitHub issue you filed with Dyninst. I noticed you were using Ubuntu 22.04 which I've encountered issues with myself. If you file a bug report on GitHub with some info about the segfault, I'll see what I can do to track it down.
-
-
Project mention: FirmWire/FirmWire: FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares | reddit.com/r/ReverseEngineering | 2022-01-14
They mention that middleware is Avatar2, which uses QEMU.
-
-
Project mention: Binary Analysis Framework B2R2 v0.5.0 released. | reddit.com/r/ReverseEngineering | 2021-10-22
-
binary-analysis related posts
- Get "File Version" from an exe file stored on Linux
- Teaching A Machine To Identify Vulnerabilities (Part 1)
- Why do most hackers base their personality around hacking?
- What is Manticore?
- Crash reporting in Rust
- Any standard algorithms for parsing (disassembling) machine code?
- BinAbsInspector: BinAbsInspector: Vulnerability Scanner for Binaries
Index
What are some of the best open-source binary-analysis projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | radare2 | 16,656 |
2 | Scanners-Box | 6,473 |
3 | Detect-It-Easy | 3,796 |
4 | LIEF | 3,119 |
5 | manticore | 3,045 |
6 | Triton | 2,430 |
7 | mcsema | 2,352 |
8 | dynamorio | 2,068 |
9 | bap | 1,668 |
10 | EMBA | 1,320 |
11 | pharos | 1,256 |
12 | DIE-engine | 1,249 |
13 | BinAbsInspector | 1,164 |
14 | goblin | 836 |
15 | cwe_checker | 698 |
16 | e9patch | 668 |
17 | binaryninja-api | 605 |
18 | dyninst | 584 |
19 | ddisasm | 456 |
20 | avatar2 | 417 |
21 | go-binsize-treemap | 389 |
22 | B2R2 | 353 |
23 | sleighcraft | 231 |