Bincat – Binary Code Static Analyser, With IDA Integration

BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA.It features:value analysis (registers and memory)taint analysistype reconstruction and propagationbackward and forward analysisuse-after-free and double-free detectionIn actionYou can check (an older version of) BinCAT in action here:Basic analysisUsing data taintingCheck the tutorial out to see the corresponding tasks.Quick FAQSupported host platforms:IDA plugin: all, version 6.9 or later (BinCAT uses PyQt, not PySide)analyzer (local or remote): Linux, Windows, macOS (maybe)Supported CPU for analysis (for now):x86-32ARMv7ARMv8PowerPCInstallationOnly IDA v6.9 or later (7 included) are supportedBinary distribution install (recommended)The binary distribution includes everything needed:the analyzerthe IDA pluginInstall steps:Extract the binary distribution of BinCAT (not the git repo)In IDA, click on “File -> Script File…" menu (or type ALT-F7)Select install_plugin.pyBinCAT is now installed in your IDA user dirRestart IDAManual installationAnalyzerThe analyzer can be used locally or through a Web service.On Linux:Using Docker: Docker installation instructionsManual: build and installation instructionsOn Windows:build instructionsIDA PluginWindows manual install.Linux manual installBinCAT should work with IDA on Wine, once pip is installed:download https://bootstrap.pypa.io/get-pip.py (verify it’s good ;)~/.wine/drive_c/Python27/python.exe get-pip.pyUsing BinCATQuick startLoad the plugin by using the Ctrl-Shift-B shortcut, or using the Edit -> Plugins -> BinCAT menu Go to the instruction where you want to start the analysis Select the BinCAT Configuration pane, click <-- Current to define the start address Launch the analysis ConfigurationGlobal options can be configured through the Edit/BinCAT/Options menu.Default config and options are stored in $IDAUSR/idabincat/conf.Options"Use remote bincat": select if you are running docker in a Docker container"Remote URL": http://localhost:5000 (or the URL of a remote BinCAT server)"Autostart": autoload BinCAT at IDA startup"Save to IDB": default state for the save to idb checkboxDocumentationA manual is provided and check here for a description of the configuration file format.A tutorial is provided to help you try BinCAT's features.Article and presentations about BinCATSSTIC 2017, Rennes, France: article (english), slides (french), video of the presentation (french)REcon 2017, Montreal, Canada: slides, videoDownload Bincat

Link: http://www.kitploit.com/2019/02/bincat-binary-code-static-analyser-with.html