A comprehensive list of tools and resources for automating binary analysis, vulnerability research, and reverse engineering using various techniques like machine learning, scripting, and static/dynamic analysis.
Awesome Binary Analysis Automation is an amazing list for people who work in taking apart binaries and firmware. Simply press Ctrl + F to search for a keyword, go through our Contents Menu, or look out for a '☆' indicating some great and up-to-date resources.
- IDA Pro - Advanced disassembler and reverse engineering tool with extensive scripting capabilities.
- ☆ Ghidra - NSA's reverse engineering framework offering disassembly, decompilation, and scripting.
- ☆ Binary Ninja - Known for its intuitive UI and powerful scripting capabilities for various binary analysis tasks.
- ☆ Radare2 - Open-source framework for reverse engineering and binary analysis.
- Hopper - Disassembler for macOS and Linux with decompiling and debugging capabilities.
- Jakstab - Integrated disassembly and static analysis framework.
- GTIRB - Intermediate representation (IR) data structure for binary analysis and rewriting.
- Firmware-Mod-Kit - Collection of scripts for modifying firmware images.
- ☆ Binwalk - For firmware analysis, extraction, and reverse engineering.
- Firmwalker - A script for searching the extracted firmware file system for goodies.
- Srecord - Tools for manipulating EPROM load files.
- Pharos - Carnegie Mellon University’s framework for automating reverse engineering tasks.
- Triton - Dynamic Binary Analysis (DBA) framework.
- Echo - Static analysis, symbolic execution, and emulation framework.
- LIEF - Parses, modifies, and abstracts binary formats.
- ☆ Monocle - Large Language Model For Binary Analysis Search.
- Fwanalyzer - Firmware security analysis.
- ☆ Flawfinder - Tool for analyzing the entropy of firmware files.
- Fdiff - Identifies potential security flaws in source code.
- Checksec - Security checks for binaries.
- Cwe_checker - Identifies common bug patterns in binaries.
- Searchsploit - Command-line search tool for Exploit Database.
- CVE Search - Searching for known vulnerabilities.
- Exploitdb - An archive of public exploits and corresponding vulnerable software.
- Dependency-check - A software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
- BinSkim - Analyzes PE and ELF binary formats for security and correctness.
- Yara - Malware detection and classification.
- ☆ QEMU - Emulator for hardware virtualization used by EMBA for live testing modules.
- Firmadyne - A full-system emulation tool for analyzing Linux-based firmware.
- ☆ Unicorn Engine - CPU emulator framework used for binary analysis and vulnerability research.
- AFL++ (American Fuzzy Lop) - Fuzzing framework for vulnerability discovery.
- LibFuzzer - In-process fuzzing tool targeting specific functions.
- DECAF - QEMU-based binary analysis platform.
- DeepState - Framework for symbolic execution and fuzzing engines.
- oss-fuzz-gen - LLM-powered fuzzing via OSS-Fuzz.
- ☆ bin2ml - Extracting ML-ready data from software binaries.
- FASER - Cross-Architecture Function Similarity Search Model.
- ☆ Tweezer - Identifies unknown function names in binaries.
Your contributions are always welcome! Please read the contribution guidelines first. We follow the Contributor Covenant Code of Conduct. Please make sure to review and adhere to this code of conduct when contributing.
This project is licensed under the MIT License - see the LICENSE.md file for details.