Binary Ninja: Difference between revisions

Binary Ninja
Original author(s)	Jordan Wiens, Rusty Wagner, Peter LaFosse
Developer(s)	Vector 35 Inc
Initial release	July 31, 2016; 8 years ago
Stable release	4.2.6455 / November 20, 2024; 4 days ago
Written in	C++, C, Python, Rust
Operating system	Microsoft Windows, Mac OS X, and Linux
Available in	English
Type	Reverse Engineering, Disassembler, Decompiler
License	Proprietary
Website	https://binary.ninja

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Inline

Latest revision as of 19:46, 20 November 2024

Binary Ninja is a reverse-engineering platform developed by Vector 35 Inc.^[1] It can disassemble a binary and display the disassembly in linear or graph views. It performs automated in-depth analysis of the code, generating information that helps to analyze a binary. It lifts the instructions into intermediate languages, and eventually generates the decompiled code.

Binary Ninja supports various CPU architectures and binary executable formats. It runs on Windows, macOS, and Linux. It also has a free-to-use cloud and native version.^[3]

History

Binary Ninja was originally an internal tool^[4] for a CTF team. The developers later decided to form Vector 35 Inc and develop Binary Ninja into a commercial product. The development started in 2015 and the first public version was released in July 2016.

The commercial product does not share code^[4] with the internal tool. The latter one is now open-sourced^[5] under GPLv2.

Features and usage

User interface

Binary Ninja's UI is built using Qt. Its main UI comprises a symbol list, a cross-reference window, a linear/graph view of the disassembly, a mini-graph, as well as a feature map. It can also show a hex editor, strings listing, and a triage view.

Binary Ninja generates extensive annotations in the UI to assist binary analysis.

Binary Ninja also supports user-defined themes.^[6]

API and plugins

Binary Ninja offers an API that can be accessed via Python, C++, or Rust.^[7] The API is open-sourced^[8] under MIT License. It can interact with most of the Binary Ninja's functionality, e.g., user interface, analysis, IL (see below), etc. It can be used to add support for new architecture or automate tasks.

Plugins^[9] can be made via the API to enhance Binary Ninja. Vector35 maintains a collection of official plugins,^[10] while the community has created numerous community plugins.^[11]

Some notable plugins are the debugger,^[12] the signature kit,^[13] etc.

Binary Ninja intermediate languages (BNIL)

Binary Ninja offers three intermediate languages (ILs).

The low-level IL (LLIL)^[14] is a verbose lifting of the underlying instructions from various architectures to a unified representation.
The medium-level IL (MLIL)^[15] creates variables with types and removes the notion of the stack.
The high-level IL (HLIL, also called decompiler) offers a representation of the code that is similar to C source code.

Core analysis

Binary Ninja automatically performs various analyses on the binary. Some examples are:

function detection
cross-references for code and data
type inference
constant propagation
value-set analysis
jump table resolution

Binary editing and patching, shellcode compiler (SCC)

Binary Ninja offers binary patching and editing features. It can assemble an instruction at the current line, flip a conditional jump, etc. Edits and updated analysis are immediately reflected in the UI.

Binary Ninja can be used as a general binary editor. It supports several commonly-used transformations and encryption algorithms.

The shellcode compiler allows the user to compile and insert code via C syntax.

Supported architectures and executable file formats

Architectures

Binary Ninja supports the following CPU architectures officially:

x86 32-bit
x86 64-bit
ARMv7
Thumb2
ARMv8
PowerPC
MIPS
RISC-V
6502
nanoMIPS
TriCore

The support for these architectures vary and details can be found in the official FAQ.^[16]

Community-authored plugins add support for various other architectures.^[17]

Executable file formats

Binary Ninja supports the following executable file formats officially:

PE/COFF
ELF
Mach-O
.NES binary (via a plugin)
Raw binary
md1rom

References

^ ^a ^b "Vector 35 > home". vector35.com. Retrieved 2020-07-26.
^ ^a ^b Vector 35 Inc. "Binary Ninja > Binary Ninja > changelog". binary.ninja. Retrieved 2020-07-26.
^ "Try Binary Ninja". binary.ninja. Retrieved 2024-03-02.
^ ^a ^b "Binary Ninja > Frequently Asked Questions". faq.binary.ninja. Retrieved 2020-07-26.
^ Vector35/deprecated-binaryninja-python, VECTOR 35, 2020-07-12, retrieved 2020-07-26
^ Vector35/community-themes, VECTOR 35, 2020-07-09, retrieved 2020-07-26
^ "Using the Binary Ninja API - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2023-03-17.
^ Vector35/binaryninja-api, VECTOR 35, 2020-07-22, retrieved 2020-07-26
^ "Using and Writing Plugins - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.
^ Vector35/official-plugins, VECTOR 35, 2020-07-16, retrieved 2020-07-26
^ "Using and Writing Plugins - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.
^ Vector35/debugger, VECTOR 35, 2020-07-25, retrieved 2020-07-26
^ Vector35/sigkit, VECTOR 35, 2020-07-14, retrieved 2020-07-26
^ "BNIL Guide: LLIL - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.
^ "BNIL Guide: MLIL - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.
^ "Binary Ninja > Frequently Asked Questions". binary.ninja. Retrieved 2024-07-25.
^ Vector35/community-plugins, VECTOR 35, 2020-07-22, retrieved 2020-07-26

[:2-1] "Vector 35 > home". vector35.com. Retrieved 2020-07-26.

[:1-2] Vector 35 Inc. "Binary Ninja > Binary Ninja > changelog". binary.ninja. Retrieved 2020-07-26.

[3] "Try Binary Ninja". binary.ninja. Retrieved 2024-03-02.

[:0-4] "Binary Ninja > Frequently Asked Questions". faq.binary.ninja. Retrieved 2020-07-26.

[5] Vector35/deprecated-binaryninja-python, VECTOR 35, 2020-07-12, retrieved 2020-07-26

[6] Vector35/community-themes, VECTOR 35, 2020-07-09, retrieved 2020-07-26

[7] "Using the Binary Ninja API - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2023-03-17.

[8] Vector35/binaryninja-api, VECTOR 35, 2020-07-22, retrieved 2020-07-26

[9] "Using and Writing Plugins - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.

[10] Vector35/official-plugins, VECTOR 35, 2020-07-16, retrieved 2020-07-26

[11] "Using and Writing Plugins - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.

[12] Vector35/debugger, VECTOR 35, 2020-07-25, retrieved 2020-07-26

[13] Vector35/sigkit, VECTOR 35, 2020-07-14, retrieved 2020-07-26

[14] "BNIL Guide: LLIL - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.

[15] "BNIL Guide: MLIL - Binary Ninja User Documentation". docs.binary.ninja. Retrieved 2020-07-26.

[16] "Binary Ninja > Frequently Asked Questions". binary.ninja. Retrieved 2024-07-25.

[17] Vector35/community-plugins, VECTOR 35, 2020-07-22, retrieved 2020-07-26

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

@@ Line 1: / Line 1: @@
 {{short description|Reverse-engineering platform developed by Vector 35 Inc}}
 {{Infobox software
-| title                  = Binary Ninja
+| title = Binary Ninja
-| name                   = Binary Ninja
+| name = Binary Ninja
-| screenshot             =
+| screenshot =
-| author                 = Jordan Wiens, Rusty Wagner, Peter LaFosse
+| author = Jordan Wiens, Rusty Wagner, Peter LaFosse
-| developer              = Vector 35 Inc<ref name=":2" />
+| developer = Vector 35 Inc<ref name=":2" />
-| released               = {{Start date and age|2016|7|31}}<ref name=":1">{{Cite web|last=Inc|first=Vector 35|title=Binary Ninja > Binary Ninja > changelog|url=https://binary.ninja/changelog/|access-date=2020-07-26|website=binary.ninja|language=en}}</ref>
+| released = {{Start date and age|2016|7|31}}<ref name=":1">{{Cite web |author=((Vector 35 Inc))|title=Binary Ninja > Binary Ninja > changelog|url=https://binary.ninja/changelog/|access-date=2020-07-26|website=binary.ninja|language=en}}</ref>
-| latest release version = 2.1.2263
+| latest release version = 4.2.6455
-| latest release date    = {{Start date and age|2020|7|10}}<ref name=":1" />
+| latest release date = {{Start date and age|2024|11|20}}<ref name=":1" />
-| programming language   = [[C++]], [[C]], [[Python (programming language)|Python]]
+| programming language = [[C++]], [[C (programming language)|C]], [[Python (programming language)|Python]], [[Rust (programming language)|Rust]]
-| operating system       = [[Microsoft Windows]], [[Mac OS X]], and [[Linux]]
+| operating system = [[Microsoft Windows]], [[Mac OS X]], and [[Linux]]
-| language               = [[English language|English]]
+| language = [[English language|English]]
-| genre                  = [[Reverse Engineering]], [[Disassembler]], [[Decompiler]]
+| genre = [[Reverse Engineering]], [[Disassembler]], [[Decompiler]]
-| license                = Proprietary
+| license = Proprietary
-| website                = https://binary.ninja/
+| website = https://binary.ninja
 }}
 '''Binary Ninja''' is a reverse-engineering platform developed by Vector 35 Inc.<ref name=":2">{{Cite web|title=Vector 35 > home|url=https://vector35.com/|access-date=2020-07-26|website=vector35.com}}</ref> It can disassemble a binary and display the disassembly in linear or graph views. It performs automated in-depth analysis of the code, generating information that helps to analyze a binary. It lifts the instructions into intermediate languages, and eventually generates the decompiled code.
-Binary Ninja supports various CPU architectures and binary executable formats. It runs on Windows, macOS, and Linux. It also has a free-to-use cloud version.<ref>{{Cite web|title=Binary Ninja Cloud|url=http://cloud.binary.ninja/|access-date=2020-07-26|website=cloud.binary.ninja|language=en}}</ref>
+Binary Ninja supports various CPU architectures and binary executable formats. It runs on Windows, macOS, and Linux. It also has a free-to-use cloud and native version.<ref>{{Cite web|title=Try Binary Ninja|url=https://binary.ninja/free/|access-date=2024-03-02|website=binary.ninja|language=en}}</ref>
 == History ==
-Binary Ninja was originally an internal tool<ref name=":0">{{Cite web|url=https://faq.binary.ninja/en/wasnt-this-an-open-source-project-at-first-6r43DzhbkvAzXSM6S|access-date=2020-07-26|website=faq.binary.ninja}}</ref> for a [[Capture the flag|CTF]] team. The developers later decided to form Vector 35 Inc and develop Binary Ninja into a commercial product. The development started in 2015 and the first public version was released in July 2016.
+Binary Ninja was originally an internal tool<ref name=":0">{{Cite web|url=https://faq.binary.ninja/en/wasnt-this-an-open-source-project-at-first-6r43DzhbkvAzXSM6S|access-date=2020-07-26|website=faq.binary.ninja|title=Binary Ninja > Frequently Asked Questions}}</ref> for a [[Capture the flag (cybersecurity)|CTF]] team. The developers later decided to form Vector 35 Inc and develop Binary Ninja into a commercial product. The development started in 2015 and the first public version was released in July 2016.
 The commercial product does not share code<ref name=":0" /> with the internal tool. The latter one is now open-sourced<ref>{{Citation|title=Vector35/deprecated-binaryninja-python|date=2020-07-12|url=https://github.com/Vector35/deprecated-binaryninja-python|publisher=VECTOR 35|access-date=2020-07-26}}</ref> under [[GNU General Public License|GPLv2]].
 == Features and usage ==
-=== User Interface ===
+=== User interface ===
-Binary Ninja's UI is built on top of [[Qt (software)]]. Its main UI comprises a symbol list, a cross-reference window, a linear/graph view of the disassembly, a mini-graph, as well as a feature map. It can also show a hex editor, strings listing, and a triage view.
+Binary Ninja's UI is built using [[Qt (software)|Qt]]. Its main UI comprises a symbol list, a cross-reference window, a linear/graph view of the disassembly, a mini-graph, as well as a feature map. It can also show a hex editor, strings listing, and a triage view.
 Binary Ninja generates extensive annotations in the UI to assist binary analysis.
@@ Line 36: / Line 36: @@
 === API and plugins ===
-Binary Ninja offers an API<ref>{{Cite web|title=Binary Ninja Python API Documentation — Binary Ninja API Documentation v2.1|url=https://api.binary.ninja/|access-date=2020-07-26|website=api.binary.ninja}}</ref> that can be accessed via [[Python (programming language)|Python]] or [[C (programming language)|C]]. The API is open-sourced<ref>{{Citation|title=Vector35/binaryninja-api|date=2020-07-22|url=https://github.com/Vector35/binaryninja-api|publisher=VECTOR 35|access-date=2020-07-26}}</ref> under [[MIT License]]. It can interact with most of the Binary Ninja's functionality,  e.g., user interface, analysis, IL (see below), etc. It can be used to add support for new architecture or automate tasks.
+Binary Ninja offers an API that can be accessed via [[Python (programming language)|Python]], [[C++]], or [[Rust (programming language)|Rust]].<ref>{{Cite web |title=Using the Binary Ninja API - Binary Ninja User Documentation |url=https://docs.binary.ninja/dev/index.html#language-specific-bindings |access-date=2023-03-17 |website=docs.binary.ninja}}</ref> The API is open-sourced<ref>{{Citation|title=Vector35/binaryninja-api|date=2020-07-22|url=https://github.com/Vector35/binaryninja-api|publisher=VECTOR 35|access-date=2020-07-26}}</ref> under [[MIT License]]. It can interact with most of the Binary Ninja's functionality,  e.g., user interface, analysis, IL (see below), etc. It can be used to add support for new architecture or automate tasks.
 Plugins<ref>{{Cite web|title=Using and Writing Plugins - Binary Ninja User Documentation|url=https://docs.binary.ninja/guide/plugins.html|access-date=2020-07-26|website=docs.binary.ninja}}</ref> can be made via the API to enhance Binary Ninja. Vector35 maintains a collection of official plugins,<ref>{{Citation|title=Vector35/official-plugins|date=2020-07-16|url=https://github.com/Vector35/official-plugins|publisher=VECTOR 35|access-date=2020-07-26}}</ref> while the community has created numerous community plugins.<ref>{{Cite web|title=Using and Writing Plugins - Binary Ninja User Documentation|url=https://docs.binary.ninja/guide/plugins.html|access-date=2020-07-26|website=docs.binary.ninja}}</ref>
@@ Line 45: / Line 45: @@
 Binary Ninja offers three intermediate languages (ILs).
-* The low-lowel IL (LLIL)<ref>{{Cite web|title=BNIL Guide: LLIL - Binary Ninja User Documentation|url=https://docs.binary.ninja/dev/bnil-llil.html|access-date=2020-07-26|website=docs.binary.ninja}}</ref> is a verbose lifting of the underlying instructions from various architectures to a unified representation.
+* The low-level IL (LLIL)<ref>{{Cite web|title=BNIL Guide: LLIL - Binary Ninja User Documentation|url=https://docs.binary.ninja/dev/bnil-llil.html|access-date=2020-07-26|website=docs.binary.ninja}}</ref> is a verbose lifting of the underlying instructions from various architectures to a unified representation.
 * The medium-level IL (MLIL)<ref>{{Cite web|title=BNIL Guide: MLIL - Binary Ninja User Documentation|url=https://docs.binary.ninja/dev/bnil-mlil.html|access-date=2020-07-26|website=docs.binary.ninja}}</ref> creates variables with types and removes the notion of the stack.
 * The high-level IL (HLIL, also called decompiler) offers a representation of the code that is similar to C source code.
 === Core analysis ===
-Binary Ninja automatically performs various analysis on the binary. Some examples are:
+Binary Ninja automatically performs various analyses on the binary. Some examples are:
 * function detection
@@ Line 57: / Line 57: @@
 * constant propagation
 * value-set analysis
 * jump table resolution
 === Binary editing and patching, shellcode compiler (SCC) ===
-Binary Ninja offers a convenient way to edit and patch a binary. It can assemble an instruction at the current line, flip a conditional jump, etc. Edits and updated analysis are immediately reflected in the UI.
+Binary Ninja offers binary patching and editing features. It can assemble an instruction at the current line, flip a conditional jump, etc. Edits and updated analysis are immediately reflected in the UI.
-Besides, Binary Ninja can be used as a general binary editor. It supports several commonly-used transformations and encryption algorithms.
+Binary Ninja can be used as a general binary editor. It supports several commonly-used transformations and encryption algorithms.
 The shellcode compiler allows the user to compile and insert code via C syntax.
@@ Line 78: / Line 78: @@
 * PowerPC
 * MIPS
+* RISC-V
 * 6502
+* nanoMIPS
+* TriCore
-The support for these architectures vary and details can be found in the official FAQ.<ref>{{Cite web|url=https://faq.binary.ninja/en/what-cpu-architectures-are-supported-g8KfmMrgnM8LxGrCc|access-date=2020-07-26|website=faq.binary.ninja}}</ref>
+The support for these architectures vary and details can be found in the official FAQ.<ref>{{Cite web|url=https://binary.ninja/faq/#supported-architectures|access-date=2024-07-25|website=binary.ninja|title=Binary Ninja > Frequently Asked Questions}}</ref>
-Besides, the community also made several architecture plugins<ref>{{Citation|title=Vector35/community-plugins|date=2020-07-22|url=https://github.com/Vector35/community-plugins|publisher=VECTOR 35|access-date=2020-07-26}}</ref> that support various other architectures.
+Community-authored plugins add support for various other architectures.<ref>{{Citation|title=Vector35/community-plugins|date=2020-07-22|url=https://github.com/Vector35/community-plugins|publisher=VECTOR 35|access-date=2020-07-26}}</ref>
 === Executable file formats ===
@@ Line 92: / Line 95: @@
 * .NES binary (via a plugin)
 * Raw binary
+* md1rom
 == See also ==
@@ Line 105: / Line 110: @@
+[[Category:Disassemblers]]
-[[Category:Software engineering]]