Pentest Tools bincat

Published on February 6th, 2019 📆 | 3786 Views ⚑

0

Bincat – Binary Code Static Analyser, With IDA Integration

BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA.
It features:

  • value analysis (registers and memory)
  • taint analysis
  • type reconstruction and propagation
  • backward and forward analysis
  • use-after-free and double-free detection

▼Advertisement


In action
You can check (an older version of) BinCAT in action here:

Check the tutorial out to see the corresponding tasks.

Quick FAQ
Supported host platforms:

  • IDA plugin: all, version 6.9 or later (BinCAT uses PyQt, not PySide)
  • analyzer (local or remote): Linux, Windows, macOS (maybe)

Supported CPU for analysis (for now):

  • x86-32
  • ARMv7
  • ARMv8
  • PowerPC

Installation
Only IDA v6.9 or later (7 included) are supported

Binary distribution install (recommended)
The binary distribution includes everything needed:

  • the analyzer
  • the IDA plugin

Install steps:

  • Extract the binary distribution of BinCAT (not the git repo)
  • In IDA, click on “File -> Script File…” menu (or type ALT-F7)
  • Select install_plugin.py
  • BinCAT is now installed in your IDA user dir
  • Restart IDA

Manual installation

Analyzer
The analyzer can be used locally or through a Web service.
On Linux:

On Windows:

IDA Plugin

BinCAT should work with IDA on Wine, once pip is installed:

Using BinCAT

Quick start

▼Advertisement

  • Load the plugin by using the Ctrl-Shift-B shortcut, or using the Edit -> Plugins -> BinCAT menu
  • Go to the instruction where you want to start the analysis
  • Select the BinCAT Configuration pane, click <-- Current to define the start address
  • Launch the analysis

Configuration
Global options can be configured through the Edit/BinCAT/Options menu.
Default config and options are stored in $IDAUSR/idabincat/conf.

Options

  • “Use remote bincat”: select if you are running docker in a Docker container
  • “Remote URL”: http://localhost:5000 (or the URL of a remote BinCAT server)
  • “Autostart”: autoload BinCAT at IDA startup
  • “Save to IDB”: default state for the save to idb checkbox

Documentation
manual is provided and check here for a description of the configuration file format.
tutorial is provided to help you try BinCAT’s features.

Article and presentations about BinCAT

 

Download Bincat
Download WordPress Themes Free
Download Nulled WordPress Themes
Download WordPress Themes
Premium WordPress Themes Download
free download udemy paid course

Tagged with:



Leave a Reply ✍


loading...