Source: www.securityweek.com – Author: Ionut Arghire
Google has announced that BinDiff, a popular file comparison tool maintained by the company for more than a decade, is now open source.
Developed by zynamics.com, which was acquired by Google in 2011, BinDiff is a binary file comparison utility that allows users to identify similarities and differences in disassembled code.
Offering support for IDA Pro, Binary Ninja and Ghidra, the tool can be used to compare binary files for multiple architectures, to identify identical or similar functions, discover potential code theft, identify changes between versions, and more.
For security researchers, the tool is useful for analyzing multiple versions of the same binary, as well as for isolating patches in software updates supplied by vendors.
BinDiff can also be used to transfer analysis results between binaries, to prevent the duplicate analysis of malware and to help share information across teams.
“It can also be used to port symbols and comments between disassemblies of multiple versions of the same binary. This makes tracking changes over time easier and allows organizations to retain analysis results and enables knowledge transfer among binary analysts,” Google’s description of the tool reads.
BinDiff was initially a paid tool, but Google released it for free in 2016. At the time, the internet giant relied heavily on its core engine for “a large-scale malware processing pipeline helping to protect both internal and external users.”
To further help the security research community relying on BinDiff for malware analysis, Google has now released the tool’s source code on GitHub.
BinDiff can be used on Windows, macOS, and Linux, and supports a Java-based GUI that needs to be built separately. Researchers and developers can find instructions on how to build the tool’s code on GitHub.
Original Post URL: https://www.securityweek.com/google-open-sources-binary-file-comparison-tool-bindiff/