This software helps turn opaque binary data into something understandable. It’s mainly used by security researchers, malware analysts, firmware specialists, forensic investigators, and developers who need to understand how compiled software works beneath the surface.
A major purpose of this software is identification. Analysts often need to determine what kind of file they’re dealing with, how it was built, whether it has been compressed or packed, and what format or platform it targets. This initial inspection helps guide the rest of the analysis and can quickly reveal whether a file is ordinary, unusual, damaged, or deliberately obfuscated.
Another important area is extraction. Binary images can contain hidden file systems, compressed resources, embedded executables, configuration files, media assets, or other bundled components. Extraction tools make it possible to unpack these layers and examine the individual parts, which is particularly useful for firmware research, embedded systems analysis, and digital forensics.
This type of software is also central to malware analysis. Suspicious programs often hide strings, capabilities, commands, and configuration details to make investigation harder. Analysis tools help uncover these clues, allowing researchers to understand what a sample might do, what systems it targets, and how it communicates.
Reverse engineering tools go deeper by translating machine code into forms that humans can study. They help analysts examine program flow, functions, data structures, and low-level instructions. Some also support decompilation, debugging, patching, and format manipulation.
To provide an insight into the software that is available, we have compiled a list of 12 useful tools for performing binary analysis. Only free and open source software is eligible for inclusion here.
Here’s our verdict captured in a legendary LinuxLinks-style ratings chart.
Click the links below to learn more about each tool.
| Binary Analysis Tools | |
|---|---|
| Ghidra | Software reverse engineering framework |
| Radare2 | Portable reversing framework |
| Cutter | Graphical reverse engineering platform |
| Detect it Easy | File inspection utility |
| ImHex | Analyze binary data |
| capa | Command line malware analysis tool |
| binwalk | Search a given binary image for embedded files |
| FLOSS | FLARE Obfuscated String Solver |
| unblob | Extraction suite for working with unknown binary blobs |
| Rizin | UNIX-like reverse engineering framework |
| LIEF | Work with executable and binary formats |
| RetDec | Retargetable machine-code decompiler |
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Know a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |