[Binwalk] Firmware Analysis Tool

Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules.

Binwalk supports various types of analysis useful for inspecting and reverse engineering firmware, including:

  • Embedded file identification and extraction
  • Executable code identification
  • Type casting
  • Entropy analysis and graphing
  • Heuristic data analysis
  • “Smart” strings analysis

Binwalk’s file signatures are (mostly) compatible with the magic signatures used by the Unix file utility, and include customized/improved signatures for files that are commonly found in firmware images such as compressed/archived files, firmware headers, kernels, bootloaders, filesystems, etc.

Features

Binwalk is:
  • Fast
  • Flexible
  • Extendable
  • Easy to use
Binwalk can:
  • Find and extract interesting files / data from binary images
  • Find and extract raw compression streams
  • Identify opcodes for a variety of architectures
  • Perform data entropy analysis
  • Heuristically analyze unknown compression / encryption
  • Visualize binary data
  • Diff an arbitrary number of files

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s