{"id":13422847,"url":"https://github.com/airbus-seclab/bincat","last_synced_at":"2025-05-14T10:09:53.459Z","repository":{"id":41293825,"uuid":"92752493","full_name":"airbus-seclab/bincat","owner":"airbus-seclab","description":"Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection","archived":false,"fork":false,"pushed_at":"2025-02-25T16:54:39.000Z","size":9692,"stargazers_count":1764,"open_issues_count":17,"forks_count":165,"subscribers_count":76,"default_branch":"master","last_synced_at":"2025-04-03T20:43:47.468Z","etag":null,"topics":["disassembly","ida-plugin","reverse-engineering","taint-analysis"],"latest_commit_sha":null,"homepage":"","language":"OCaml","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/airbus-seclab.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-05-29T15:31:22.000Z","updated_at":"2025-04-02T05:24:01.000Z","dependencies_parsed_at":"2024-02-11T16:49:07.389Z","dependency_job_id":"c98e67ce-1c76-4cb7-a9ba-ba089672e708","html_url":"https://github.com/airbus-seclab/bincat","commit_stats":{"total_commits":4190,"total_committers":15,"mean_commits":279.3333333333333,"dds":0.669928400954654,"last_synced_commit":"69c849054fa5c7661dbd98502c26bf7b91cdc7b5"},"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/airbus-seclab%2Fbincat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/airbus-seclab%2Fbincat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/airbus-seclab%2Fbincat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/airbus-seclab%2Fbincat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/airbus-seclab","download_url":"https://codeload.github.com/airbus-seclab/bincat/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248337726,"owners_count":21087090,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["disassembly","ida-plugin","reverse-engineering","taint-analysis"],"created_at":"2024-07-30T23:00:58.868Z","updated_at":"2025-04-11T03:36:00.948Z","avatar_url":"https://github.com/airbus-seclab.png","language":"OCaml","funding_links":[],"categories":["IDA Plugins","\u003ca id=\"a76463feb91d09b3d024fae798b92be6\"\u003e\u003c/a\u003e侦察\u0026\u0026信息收集\u0026\u0026子域名发现与枚举\u0026\u0026OSINT","Project","OCaml","\u003ca id=\"170048b7d8668c50681c0ab1e92c679a\"\u003e\u003c/a\u003e工具","使用","\u003ca id=\"34ac84853604a7741c61670f2a075d20\"\u003e\u003c/a\u003e污点分析\u0026\u0026符号执行","Tools","Program analysis"],"sub_categories":["\u003ca id=\"05ab1b75266fddafc7195f5b395e4d99\"\u003e\u003c/a\u003e未分类-OSINT","Program Analysis","\u003ca id=\"34ac84853604a7741c61670f2a075d20\"\u003e\u003c/a\u003e污点分析\u0026\u0026符号执行","\u003ca id=\"cadae88b91a57345d266c68383eb05c5\"\u003e\u003c/a\u003edemangle","Binaries"],"readme":"## Introduction\n\n### What is BinCAT?\n\nBinCAT is a *static* Binary Code Analysis Toolkit, designed to help reverse\nengineers, directly from IDA or using Python for automation.\n\nIt features:\n\n* value analysis (registers and memory)\n* taint analysis\n* type reconstruction and propagation\n* backward and forward analysis\n* use-after-free and double-free detection\n\n### In action\n\nYou can check (an older version of) BinCAT in action here:\n\n* [Basic analysis](https://syscall.eu/bincat/main.mp4)\n* [Using data tainting](https://syscall.eu/bincat/taint.mp4)\n\nCheck the [tutorial](doc/tutorial.md) out to see the corresponding tasks.\n\n### Quick FAQ\n\nSupported host platforms:\n\n* IDA plugin: all, version **7.4 or later** (only Python 3 is supported)\n* analyzer (local or remote): Linux, Windows, macOS (maybe)\n\nSupported CPU for analysis (for now):\n* x86-32\n* x86-64\n* ARMv7\n* ARMv8\n* PowerPC\n\n## Installation\n\n**Only IDA v7.4 or later is supported**\n\nOlder versions may work, but we won't support them.\n\n### Binary distribution install (recommended)\n\nThe [binary distribution](https://github.com/airbus-seclab/bincat/releases)\nincludes everything needed:\n\n* the analyzer\n* the IDA plugin\n\nInstall steps:\n\n* Extract the [binary distribution](https://github.com/airbus-seclab/bincat/releases) of BinCAT (not the git repo)\n* In IDA, click on \"File -\u003e Script File...\" menu (or type ALT-F7)\n* Select `install_plugin.py`\n* BinCAT is now installed in your IDA user dir\n* Restart IDA\n\n### Manual installation\n\n#### Analyzer\nThe analyzer can be used locally or through a Web service.\n\nOn Linux:\n* Using Docker: [Docker installation instructions](doc/install_docker.md)\n* Manual: [build and installation instructions](doc/install_manual.md)\n\nOn Windows:\n* [build instructions](doc/windows_build.md)\n\n#### IDA Plugin\n\n* [Windows manual install](doc/plugin_manual_win.md).\n* [Linux manual install](doc/install_manual.md)\n\nBinCAT should work with IDA on Wine, once pip is installed:\n\n* download \u003chttps://bootstrap.pypa.io/get-pip.py\u003e (verify it's good ;)\n* `~/.wine/drive_c/Python/python.exe get-pip.py`\n\n## Using BinCAT\n\n### Quick start\n* Load the plugin by using the `Ctrl-Shift-B` shortcut, or using the\n  `Edit -\u003e Plugins -\u003e BinCAT` menu\n\n* Go to the instruction where you want to start the analysis\n* Select the `BinCAT Configuration` pane, click `\u003c-- Current` to define the start address\n* Launch the analysis\n\n### Configuration\nGlobal options can be configured through the `Edit/BinCAT/Options` menu.\n\nDefault config and options are stored in `$IDAUSR/idabincat/conf`.\n\n#### Options\n\n* \"Use remote bincat\": select if you are running docker in a Docker container\n* \"Remote URL\": http://localhost:5000 (or the URL of a remote BinCAT server)\n* \"Autostart\": autoload BinCAT at IDA startup\n* \"Save to IDB\": default state for the `save to idb` checkbox\n\n\n## Documentation\nA [manual](doc/manual.md) is provided and check [here](doc/ini_format.md) for a\ndescription of the configuration file format.\n\n\nA [tutorial](doc/tutorial.md) is provided to help you try BinCAT's features. \n\n\n## Article and presentations about BinCAT\n\n* [SSTIC 2017](https://www.sstic.org/2017/presentation/bincat_purrfecting_binary_static_analysis/), Rennes, France: [article](https://www.sstic.org/media/SSTIC2017/SSTIC-actes/bincat_purrfecting_binary_static_analysis/SSTIC2017-Article-bincat_purrfecting_binary_static_analysis-biondi_rigo_zennou_mehrenberger.pdf) (english), [slides](https://www.sstic.org/media/SSTIC2017/SSTIC-actes/bincat_purrfecting_binary_static_analysis/SSTIC2017-Slides-bincat_purrfecting_binary_static_analysis-biondi_rigo_zennou_mehrenberger.pdf) (french), [video of the presentation](https://static.sstic.org/videos2017/SSTIC_2017-06-07_P07.mp4) (french)\n* [REcon 2017](https://recon.cx/2017/montreal/talks/bincat.html), Montreal, Canada: [slides](https://syscall.eu/bincat/bincat-recon.pdf), [video](https://recon.cx/media-archive/2017/mtl/recon2017-mtl-05-philippe-biondi-xavier-mehrenberger-raphael-rigo-sarah-zennou-BinCAT-purrfecting-binary-static-analysis.mp4)\n\n## Licenses\n\nBinCAT is released under the [GNU Affero General Public\nLicence](https://www.gnu.org/licenses/agpl.html).\n\nThe BinCAT OCaml code includes code from the original Ocaml runtime, released\nunder the [LGPLv2](https://www.gnu.org/licenses/lgpl-2.0.txt).\n\nThe BinCAT IDA plugin includes code from\n[python-pyqt5-hexview](https://github.com/williballenthin/python-pyqt5-hexview)\nby Willi Ballenthin, released under the Apache License 2.0.\n\nBinCAT includes a modified copy of\n[newspeak](https://github.com/airbus-seclab/c2newspeak).\n\n## Automated builds\n\nAutomated builds for Linux and Windows are performed automatically\nusing GitHub Actions (see [here](.github/workflows)), results can be\nobtained on GitHub's\n[Actions](https://github.com/airbus-seclab/bincat/actions) tab.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fairbus-seclab%2Fbincat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fairbus-seclab%2Fbincat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fairbus-seclab%2Fbincat/lists"}