binsec
🇬🇧 English · 🇩🇪 Deutsch · 🇫🇷 Français
Binary (In)security tool — a minimal static-analysis utility that detects the security mitigations an ELF / PE / Mach-O executable was built with.
This is the ndaal fork (v3.2.3) of
ex0dus-0x/binsec: cleaned,
de-yanked (goblin 0.10.7), and extended with native, strictly
validated SARIF 2.1.0 output and Markdown reports.
Features
- Cross-format: ELF, PE/EXE, Mach-O (parsing via goblin).
- Reports four sections: basic metadata, compilation features, exploit mitigations, and dynamic instrumentation.
- Output formats: human tables, JSON, SARIF 2.1.0 (validated with
SarifValidator::strict()), and GitHub-Flavored Markdown. - Auto-generates
report.sarif+report.mdper run (--no-report,--output-dir). - Pure-Rust dependency tree; no C libraries, no
bindgen, no YARA.
Install
# or, from source:
Usage
|
See binsec --help for the full flag list.
Documentation
- User Guide
- Administrator Guide
- Developer Guide
- Troubleshooting Guide
- API & Output Reference · Reference
- Architecture (arc42) · STRIDE threat model
- CHANGELOG · structure
License
MIT — see LICENSE.md. Original work © ex0dus-0x; fork and
SARIF/Markdown additions © ndaal.