Binwalk
Binwalk can identify, and optionally extract, files and data that have been embedded inside of other files.
While its primary focus is firmware analysis, it supports a wide variety of file and data types.
Through entropy analysis, it can even help to identify unknown compression or encryption!
Binwalk can be customized and integrated into your own Rust projects.
Usage
Usage: binwalk [OPTIONS] [FILE_NAME]
| Option | Description |
|---|---|
-L, --list | List supported signatures and extractors |
-q, --quiet | Suppress output to stdout |
-v, --verbose | During recursive extraction display all results |
-e, --extract | Automatically extract known file types |
-M, --matryoshka | Recursively scan extracted files |
-a, --search-all | Search for all signatures at all offsets |
-E, --entropy | Plot the entropy of the specified file |
-l, --log <LOG> | Log JSON results to a file |
-t, --threads <THREADS> | Manually specify the number of threads to use |
-x, --exclude <EXCLUDE>... | Do not scan for these signatures |
-y, --include <INCLUDE>... | Only scan for these signatures |
-C, --directory <DIRECTORY> | Extract files/folders to a custom directory [default: extractions] |
-h, --help | Print help |
-V, --version | Print version |