Binary Analysis Next Generation (BANG)


Tool and Usage

Project details
License: AGPL 3.0
Programming language: Python
Author: Armijn Hemel
Latest release: No release found

Project health

64
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

BANG is a framework to unpack files recursively and scan them. The files can be firmware, binaries, or malware. The main goal is to scan all files and perform classification and labeling, so that each file can be further analyzed based on its characteristics.

How it works

The tool has signatures, carvers, verifiers, and unpackers to deal with the most common data formats. Each file is parsed according to its data format. For example, a compressed file might be unpacked so that its contents can be analyzed.

Background information

A few names are used within the project. The GitHub project itself is named binaryanalysis-ng, with the full name being Binary Analysis Next Generation. This is abbreviated to BANG.

Usage and audience

Binary Analysis Next Generation is commonly used for binary analysis, malware analysis, or malware scanning. Target users for this tool are malware analysts and security professionals.

Features

  • Command line interface
  • JSON output supported

Example usage and output

{"unpackedfiles": [], "md5": "c390c05f1f40112a7e4f34e7428942a8", "sha256": "bb56ae839be1742bc63c08cec08789c4bbb37cbe23e8719974c6e63212ecc3d6", "labels": ["root", "binary"], "fullfilename": "/tmp/bang-scan-xkqme9mq/unpack/ps", "filename": "ps", "sha1": "a982bc9ef7ed005625ee02855d45d813bf186bf3", "filesize": 97408}

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Author and Maintainers

Binary Analysis Next Generation is under development by Armijn Hemel.

Installation

Supported operating systems

Binary Analysis Next Generation is known to work on Linux.

Dependencies

Several dependencies are required to use Binary Analysis Next Generation.

  • Python 3

Binary Analysis Next Generation alternatives

Similar tools to Binary Analysis Next Generation:

89

Cutter

Cutter is a graphical user interface for radare2, the well-known reverse engineering framework. Read how it works in this review.

96

LIEF

LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.

100

radare2

Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files. Read how it works in this review.
