Binary

The Best Binary Static Analysis Tools (Linters/Formatters)

We rank 26 Binary linters, code analyzers, formatters, and more. Find and compare tools like cargo-bloat, bloaty, BugProve, and more. Please rate and review tools that you've used. This helps others find the best tools for their projects.

23 Binary Tools

cargo-bloat

Find out what takes most of the space in your executable. supports ELF (Linux, BSD), Mach-O (macOS) and PE (Windows) binaries.

  • MaintainedMaintained
  • MaintainedRust
  • Maintainedcli
  • Maintainedlinter
  • 75% upvoted

bloaty

Ever wondered what's making your binary big? Bloaty McBloatface will show you a size profile of the binary so you can understand what's taking up space inside. Bloaty performs a deep analysis of the binary. Using custom ELF, DWARF, and Mach-O parsers, Bloaty aims to accurately attribute every byte of the binary to the symbol or compileunit that produced it. It will even disassemble the binary looking for references to anonymous data. F

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 100% upvoted

Manalyze

A static analyzer, which checks portable executables for malicious content.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 67% upvoted

Dr. Memory

Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors (Github).

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 100% upvoted

angr

Platform agnostic binary analysis framework from UCSB.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 50% upvoted

binbloom

Analyzes a raw binary firmware and determines features like endianness or the loading address. The tool is compatible with all architectures. Loading address: binbloom can parse a raw binary firmware and determine its loading address. Endianness: binbloom can use heuristics to determine the endianness of a firmware. UDS Database: binbloom can parse a raw binary firmware and check if it contains an array containing UDS command IDs.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 50% upvoted

BinSkim

A binary static analysis tool that provides security and correctness results for Windows portable executables.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

cwe_checker

cwe_checker finds vulnerable patterns in binary executables.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Ghidra

A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 50% upvoted

IDA Free

Binary code analysis tool.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Jakstab

Jakstab is an Abstract Interpretation-based, integrated disassembly and static analysis framework for designing analyses on executables and recovering reliable control flow graphs.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

rust-audit

Audit Rust binaries for known bugs or security vulnerabilities. This works by embedding data about the dependency tree (Cargo.lock) in JSON format into a dedicated linker section of the compiled executable.

  • MaintainedMaintained
  • MaintainedRust
  • Maintainedcli
  • Maintainedlinter
  • 50% upvoted

VMware chap

chap analyzes un-instrumented ELF core files for leaks, memory growth, and corruption. It is sufficiently reliable that it can be used in automation to catch leaks before they are committed. As an interactive tool, it helps explain memory growth, can identify some forms of corruption, and supplements a debugger by giving the status of various memory locations.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

BOLT

Binary Optimization and Layout Tool - A linux command-line utility used for optimizing performance of binaries with profile guided permutation of linking to improve cache efficiency

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

DynamoRIO

Is a runtime code manipulation system that supports code transformations on any part of a program, while it executes.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

llvm-propeller

Profile guided hot/cold function splitting to improve cache efficiency. An alternative to BOLT by Facebook

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Pin Tools

A dynamic binary instrumentation tool and a platform for creating analysis tools.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

TRITON

Dynamic Binary Analysis for x86 binaries.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

JEB Decompiler

Decompile and debug binary code. Break down and analyze document files. Android Dalvik, MIPS, ARM, Intel x86, Java, WebAssembly & Ethereum Decompilers.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

mcsema

Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode. It translates ("lifts") executable binaries from native machine code to LLVM bitcode, which is very useful for performing program analysis methods.

  • DeprecatedDeprecated
  • DeprecatedMulti-Language
  • Deprecatedcli
  • Deprecatedlinter
  • 0% upvoted

zydis

Fast and lightweight x86/x86-64 disassembler library

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Black Duck

Tool to analyze source code and binaries for reusable code, necessary licenses and potential security aspects.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Nauz File Detector

Static Linker/Compiler/Tool detector for Windows, Linux and MacOS.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

3 Multi-Language Tools

BugProve

Sponsor

BugProve is a firmware analysis platform featuring both static and dynamic analysis techniques to discover memory corruptions, command injections and other classes or common weaknesses in binary code. It also detects vulnerable dependencies, weak cryptographic parameters, misconfigurations, and more.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 54% upvoted

Twiggy

Analyzes a binary's call graph to profile code size. The goal is to slim down wasm binary size.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 67% upvoted

ktool

Fully cross-platform toolkit and library for MachO+Obj-C editing/analysis. Includes a cli kit, a curses GUI, ObjC header dumping, and much more.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

Frequently Asked Questions

What are Binary tools?

A binary file is a computer file that contains only binary digits (bits). The term "binary" comes from the fact that these files contain data expressed in base-2 numeral system. Binary files are often contrasted with text files, which contain human-readable characters encoded using some character encoding scheme. Binary files are often used to store machine code, which is the basic instructions that a computer understands.

What are the best Binary static analysis tools and linters?

The most popular Binary tools ranked by user votes are: cargo-bloat, bloaty, BugProve, Manalyze, Twiggy.

Which Binary tools are free to use?

Tools with a free plan include BugProve. On top of that, there are also a number of open source like cargo-bloat, bloaty, Manalyze, Twiggy, Dr. Memory, angr, binbloom, BinSkim, cwe_checker, Ghidra.

Related Tags

Our Sponsors

This website is completely open source. To fund our work, we fully rely on sponsors. Thanks to them, we can keep the site free for everybody. Please check out their offers below.

  • BugProve
  • Pixee
  • semgrep
  • Offensive 360
  • BetterScan