Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules.
Binwalk supports various types of analysis useful for inspecting and reverse engineering firmware, including:
- Embedded file identification and extraction
- Executable code identification
- Type casting
- Entropy analysis and graphing
- Heuristic data analysis
- "Smart" strings analysis
Features
Binwalk is:
- Fast
- Flexible
- Extendable
- Easy to use
Binwalk can:
- Find and extract interesting files / data from binary images
- Find and extract raw compression streams
- Identify opcodes for a variety of architectures
- Perform data entropy analysis
- Heuristically analyze unknown compression / encryption
- Visualize binary data
- Diff an arbitrary number of files