Binwalk – Firmware Security Analysis & Extraction Tool


Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images.

Binwalk - Firmware Security Analysis & Extraction Tool


Features of Binwalk Firmware Security Analysis & Extraction Tool

  • Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems
  • File Extraction – You can tell binwalk to extract any files that it finds in the firmware image
  • Entropy Analysis – Can help identify interesting sections of data inside a firmware image
  • String Search – Allows you to search the specified file(s) for a custom string

There are also various filters such as by CPU architecture, number of instructions, include filter, exclude filter,

Installation of Binwalk Firmware Security Analysis & Extraction Tool

Download binwalk:

Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:

Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):

If you are not a Debian user, or if you wish to install only selected dependencies, see the INSTALL documentation for more details.


Usage of Binwalk Firmware Security Analysis & Extraction Tool

File Extraction

You can tell binwalk to extract any files that it finds in the firmware image with the -e option:

Binwalk will even recursively scan files as it extracts them if you also specify the -M option:

And if the -r option is specified, any file signatures that couldn’t be extracted – or that resulted in 0-size files – will be automatically deleted:

To extract one specific signature type, specify one or more -D type options:

Entropy Analysis

What happens if binwalk doesn’t report any signatures? Or, how do you know binwalk didn’t miss anything interesting?

Entropy analysis can help identify interesting sections of data inside a firmware image:

You can download Binwalk here:

binwalk-v2.2.0.zip

Or read more here.

Posted in: Hardware Hacking


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.


One Response to Binwalk – Firmware Security Analysis & Extraction Tool

  1. steve April 23, 2020 at 6:37 am #

    Binwalk is a tool that tool for cyber security for sure.