binwalk is a command-line utility designed for analysing binary files and firmware images. It scans binary data to identify embedded files, executable code, compressed archives, and filesystem images hidden inside firmware or other binary blobs.
The tool works by scanning files for known signatures and patterns that indicate the presence of embedded data structures. It can locate and optionally extract these components, making it widely used in reverse engineering, firmware analysis, and security research.
Recent versions of binwalk have been re-implemented in Rust to improve performance, accuracy, and reliability when analysing large binary datasets.
This is free and open source software.
Key Features
- Scans binary images to identify embedded files and executable code.
- Designed primarily for firmware analysis and reverse engineering.
- Detects compressed archives, filesystem images, kernels, and bootloaders within binaries.
- Supports automatic extraction of discovered embedded files.
- Performs entropy analysis to help detect compressed or encrypted data.
- Signature-based scanning identifies many common file formats and structures.
- Command-line interface suitable for scripting and automation. It can be customised and integrated into Rust projects.
Website: github.com/ReFirmLabs/binwalk
Support:
Developer: ReFirmLabs
License: MIT License
binwalk is written in Rust. Learn Rust with our recommended free books and free tutorials.
Related Software
| Binary Analysis Tools | |
|---|---|
| Ghidra | Software reverse engineering framework |
| Radare2 | Portable reversing framework |
| Cutter | Graphical reverse engineering platform |
| Detect it Easy | File inspection utility |
| ImHex | Analyze binary data |
| capa | Command line malware analysis tool |
| binwalk | Search a given binary image for embedded files |
| FLOSS | FLARE Obfuscated String Solver |
| unblob | Extraction suite for working with unknown binary blobs |
| Rizin | UNIX-like reverse engineering framework |
| LIEF | Work with executable and binary formats |
| RetDec | Retargetable machine-code decompiler |
Read our verdict in the software roundup.
| Alternatives to file | |
|---|---|
| fil | Unix file command written in Go |
| mimetype | Determines the MIME type of files |
| xdg-mime | Part of xdg-utils |
| TrID | Identify file types from their binary signatures |
| binwalk | Search a given binary image for embedded files |
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |