HOME

TheInfoList



Click Here for Items Related To - Binary Ninja
OR:
Binary Ninja on:   [Wikipedia]   [Google]   [Amazon]

Binary Ninja is a reverse-engineering platform developed by Vector 35 Inc. It can disassemble a binary and display the disassembly in linear or graph views. It performs automated in-depth analysis of the code, generating information that helps to analyze a binary. It lifts the instructions into intermediate languages, and eventually generates the decompiled code. Binary Ninja supports various CPU architectures and binary executable formats. It runs on Windows, macOS, and Linux. It also has a free-to-use cloud version.


History

Binary Ninja was originally an internal tool for a CTF team. The developers later decided to form Vector 35 Inc and develop Binary Ninja into a commercial product. The development started in 2015 and the first public version was released in July 2016. The commercial product does not share code with the internal tool. The latter one is now open-sourced under
GPLv2 The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general us ...
.


Features and usage


User interface

Binary Ninja's UI is built using Qt. Its main UI comprises a symbol list, a cross-reference window, a linear/graph view of the disassembly, a mini-graph, as well as a feature map. It can also show a hex editor, strings listing, and a triage view. Binary Ninja generates extensive annotations in the UI to assist binary analysis. Binary Ninja also supports user-defined themes.


API and plugins

Binary Ninja offers an API that can be accessed via
Python Python may refer to: Snakes * Pythonidae, a family of nonvenomous snakes found in Africa, Asia, and Australia ** ''Python'' (genus), a genus of Pythonidae found in Africa and Asia * Python (mythology), a mythical serpent Computing * Python (pro ...
or C. The API is open-sourced under
MIT License The MIT License is a permissive free software license originating at the Massachusetts Institute of Technology (MIT) in the late 1980s. As a permissive license, it puts only very limited restriction on reuse and has, therefore, high license comp ...
. It can interact with most of the Binary Ninja's functionality, e.g., user interface, analysis, IL (see below), etc. It can be used to add support for new architecture or automate tasks. Plugins can be made via the API to enhance Binary Ninja. Vector35 maintains a collection of official plugins, while the community has created numerous community plugins. Some notable plugins are the debugger, the signature kit, etc.


Binary Ninja intermediate languages (BNIL)

Binary Ninja offers three intermediate languages (ILs). * The low-level IL (LLIL) is a verbose lifting of the underlying instructions from various architectures to a unified representation. * The medium-level IL (MLIL) creates variables with types and removes the notion of the stack. * The high-level IL (HLIL, also called decompiler) offers a representation of the code that is similar to C source code.


Core analysis

Binary Ninja automatically performs various analyses on the binary. Some examples are: * function detection * cross-references for code and data * type inference * constant propagation * value-set analysis * jump table resolution


Binary editing and patching, shellcode compiler (SCC)

Binary Ninja offers a convenient way to edit and patch a binary. It can assemble an instruction at the current line, flip a conditional jump, etc. Edits and updated analysis are immediately reflected in the UI. Besides, Binary Ninja can be used as a general binary editor. It supports several commonly-used transformations and encryption algorithms. The shellcode compiler allows the user to compile and insert code via C syntax.


Supported architectures and executable file formats


Architectures

Binary Ninja supports the following CPU architectures officially: * x86 32-bit * x86 64-bit * ARMv7 * Thumb2 * ARMv8 * PowerPC * MIPS * 6502 The support for these architectures vary and details can be found in the official FAQ. Besides, the community also made several architecture plugins that support various other architectures.


Executable file formats

Binary Ninja supports the following executable file formats officially: * PE/COFF * ELF * Mach-O * .NES binary (via a plugin) * Raw binary


See also

*
Ghidra Ghidra (pronounced gee-druh; ) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at RSA Conference in March 2019; the sources were published one mo ...
* JEB *
Radare2 Radare2 (also known as r2) is a complete framework for reverse-engineering and analyzing binaries; composed of a set of small utilities that can be used together or independently from the command line. Built around a disassembler for computer soft ...
*
Interactive Disassembler The Interactive Disassembler (IDA) is a disassembler for computer software which generates assembly language source code from machine-executable code. It supports a variety of executable, executable formats for different Central processing unit, ...
*
Decompiler A decompiler is a computer program that translates an executable file to a high-level source file which can be recompiled successfully. It does therefore the opposite of a typical compiler, which translates a high-level language to a low-level lan ...
*
Disassembler A disassembler is a computer program that translates machine language into assembly languageā€”the inverse operation to that of an assembler. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly lan ...


References

{{Reflist Disassemblers