Scanning File systems with Binmap
Information on this media
Number of views: 23
Creation date: July 4, 2016
Speakers: Serge Guelton
Company: RMLL
License: CC BY SA v4
Description
Binmap is an open source tool designed to quickly scan a file system, gather various information on the binaries it finds, and store it for further processing by third-party tools.
It provides handlers for the ELF and PE binary formats and can collect the usual executable information:
- imported / exported symbols
- dynamic library dependencies
- hardening features
- version information (using a fuzzy algorithm)
This information is stored as a graph that can be walked through using a Python API.
So what?
You want to check all the executables that use a given, obsolete library? Walk through its successors!
You want to see the consequences of a system upgrade? Take the diff of the graph!
You want to check if your system is vulnerable to a given CVE? Rely on the collected version information and cross-check information!
You want to audit a system image? Use the chroot mode and quickly find out the interesting binaries!
The tool is extensible: anyone can contribute their own binary analyzer to support more formats or to improve the existing information extraction.
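The first two use cases above (walking a library's successors, diffing the graph around an upgrade), sketched as an added example: this is not Binmap's code and does not use Binmap's Python API. The scans are constructed dicts mapping each binary to its direct dependencies, and every function name here is hypothetical.

```python
from collections import deque

# Constructed sample scans (binary -> libraries it loads directly).
# Plain dicts for illustration; this is not Binmap's database or API.
OLD_SSL = "/usr/lib/libssl.so.1.0.0"
NEW_SSL = "/usr/lib/libssl.so.1.1"
SCAN_BEFORE = {
    "/usr/bin/curl": {"/usr/lib/libcurl.so.4"},
    "/usr/lib/libcurl.so.4": {OLD_SSL},
    "/usr/sbin/nginx": {OLD_SSL},
    OLD_SSL: set(),
}
# After the upgrade nginx uses the new library; libcurl was not rebuilt.
SCAN_AFTER = {
    "/usr/bin/curl": {"/usr/lib/libcurl.so.4"},
    "/usr/lib/libcurl.so.4": {OLD_SSL},
    "/usr/sbin/nginx": {NEW_SSL},
    OLD_SSL: set(),
    NEW_SSL: set(),
}

def transitive_users(scan, library):
    """Walk successors: every binary that loads `library`, directly or
    through another library."""
    users = {}  # dependency -> binaries that load it directly
    for binary, deps in scan.items():
        for dep in deps:
            users.setdefault(dep, set()).add(binary)
    seen, queue = set(), deque([library])
    while queue:
        for user in users.get(queue.popleft(), ()):
            if user not in seen:  # also guards against dependency cycles
                seen.add(user)
                queue.append(user)
    return seen

def edges(scan):
    """Flatten a scan into its set of (binary, dependency) edges."""
    return {(binary, dep) for binary, deps in scan.items() for dep in deps}

def diff_scans(before, after):
    """Graph diff between two scans: changed nodes and dependency edges."""
    return {
        "added_nodes": set(after) - set(before),
        "removed_nodes": set(before) - set(after),
        "added_edges": edges(after) - edges(before),
        "removed_edges": edges(before) - edges(after),
    }
```

In the constructed data the diff shows nginx moving to the new library, while the successor walk on the post-upgrade scan still reports libcurl and curl as users of the old one.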
Serge Guelton
Serge is a pure product of the French Far West: he received his engineering degree and PhD on compilation near Brest, and since then he has been travelling in the marvelous world of computer science, from HPC to submarine acoustics and now the funny interaction between security and compilation as an R&D engineer for Quarkslab.