BLint: Open-source tool to check the security properties of your executables
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries.
BLint features
“Several source code analysis tools can examine a code repository and generate an SBOM. But what about a binary executable, where the code repository may not be available and the executable is the only artifact to work with? Enter BLint, which aids in generating an SBOM for a binary executable. Creating BLint as open source and adopting it into the OWASP family means that it will be available to all and will grow and evolve,” Tim Messing, Application Security Engineer at Universal Music Group and one of the developers, told Help Net Security.
Messing explained that static analysis of binaries is often underutilized in identifying malicious and/or vulnerable software.
- Can be used to detect overlooked security weaknesses and code signing or authenticode issues of compiled binaries in CI/CD pipelines. Third-party or proprietary dependencies in the form of binaries should be analyzed as part of software supply chain security efforts
- Does not rely on signatures but instead focuses on capabilities
- Does not execute the target, preserving resources and avoiding the need for a live environment
Supported formats
Supported binary formats:
- Android (apk, aab)
- ELF (GNU, musl)
- PE (exe, dll)
- Mach-O (x64, arm64)
You can run BLint on Linux, Windows, and Mac against these binary formats.
The SBOM feature is supported for these types:
- Android (apk/aab)
- Dotnet executable binaries
- Go binaries
Future plans and download
Caroline Russell, Staff Security Engineer at AppThreat, told us the team wants to keep BLint relatively minimal and lightweight. They are looking at adding the following capabilities:
1. Detecting libraries dynamically loaded during runtime
2. Offering a deep mode that will list symbols within static libraries.
3. Add additional annotations and refine existing ones.
4. Add CycloneDx 1.6 support for the SBOM feature.
BLint is available for free on GitHub.
Must read:
- 15 open-source cybersecurity tools you’ll wish you’d known earlier
- 20 essential open-source cybersecurity tools that save you time
source: HelpNetSecurity
Free security scan for your website
Top News:
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
December 27, 2024CISA orders federal agencies to secure Microsoft 365 tenants
December 18, 2024Recorded Future CEO applauds "undesirable" designation by Russia
December 19, 2024Five lesser known Task Manager features in Windows 11
December 25, 2024DDoS Attacks Surge as Africa Expands Its Digital Footprint
December 26, 2024