Binwalk – Firmware Security Analysis & Extraction Tool


Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images.

Binwalk - Firmware Security Analysis & Extraction Tool


Features of Binwalk Firmware Security Analysis & Extraction Tool

  • Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems
  • File Extraction – You can tell binwalk to extract any files that it finds in the firmware image
  • Entropy Analysis – Can help identify interesting sections of data inside a firmware image
  • String Search – Allows you to search the specified file(s) for a custom string

There are also various filters such as by CPU architecture, number of instructions, include filter, exclude filter,

Installation of Binwalk Firmware Security Analysis & Extraction Tool

Download binwalk:

Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:

Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):

If you are not a Debian user, or if you wish to install only selected dependencies, see the INSTALL documentation for more details.


Usage of Binwalk Firmware Security Analysis & Extraction Tool

File Extraction

You can tell binwalk to extract any files that it finds in the firmware image with the -e option:

Binwalk will even recursively scan files as it extracts them if you also specify the -M option:

And if the -r option is specified, any file signatures that couldn’t be extracted – or that resulted in 0-size files – will be automatically deleted:

To extract one specific signature type, specify one or more -D type options:

Entropy Analysis

What happens if binwalk doesn’t report any signatures? Or, how do you know binwalk didn’t miss anything interesting?

Entropy analysis can help identify interesting sections of data inside a firmware image:

You can download Binwalk here:

binwalk-v2.2.0.zip

Or read more here.

Posted in: Hardware Hacking


Latest Posts:


Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.
zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.


One Response to Binwalk – Firmware Security Analysis & Extraction Tool

  1. steve April 23, 2020 at 6:37 am #

    Binwalk is a tool that tool for cyber security for sure.

Leave a Reply