Categories: Kali Linux

Bincat : Binary Code Static Analyser With IDA Integration

BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation.

It features:

value analysis (registers and memory)
taint analysis
type reconstruction and propagation
backward and forward analysis
use-after-free and double-free detection

Also Read : LOLBAS – Living Off The Land Binaries And Scripts

Quick FAQ

Supported host platforms:

IDA plugin: all, version 7.0 or later (BinCAT uses PyQt, not PySide)
analyzer (local or remote): Linux, Windows, macOS (maybe)

Supported CPU for analysis (for now):

x86-32
x86-64
ARMv7
ARMv8
PowerPC

Installation

Only IDA v7 or later is supported

v6.9 may work, but we won’t support it.

Binary distribution install (recommended)

The binary distribution includes everything needed:

the analyzer
the IDA plugin

Install steps:

Extract the binary distribution of BinCAT (not the git repo)
In IDA, click on “File -> Script File…” menu (or type ALT-F7)
Select install_plugin.py
BinCAT is now installed in your IDA user dir
Restart IDA

Manual installation

Analyser

The analyzer can be used locally or through a Web service.

On Linux:

Using Docker: Docker installation instructions
Manual: build and installation instructions

On Windows:

build instructions

IDA Plugin

BinCAT should work with IDA on Wine, once pip is installed:

download https://bootstrap.pypa.io/get-pip.py (verify it’s good 😉
~/.wine/drive_c/Python27/python.exe get-pip.py

Using BinCAT

Quick start

Load the plugin by using the Ctrl-Shift-B shortcut, or using the Edit -> Plugins -> BinCAT menu
Go to the instruction where you want to start the analysis
Select the BinCAT Configuration pane, click <-- Current to define the start address
Launch the analysis

Configuration

Global options can be configured through the Edit/BinCAT/Options menu.

Default config and options are stored in $IDAUSR/idabincat/conf.

Options

“Use remote bincat”: select if you are running docker in a Docker container
“Remote URL”: http://localhost:5000 (or the URL of a remote BinCAT server)
“Autostart”: autoload BinCAT at IDA startup
“Save to IDB”: default state for the save to idb checkbox

Related

IDA2Obj : Static Binary Instrumentation

January 31, 2022

In "Kali Linux"

XrefGen – Advanced Cross-Reference Generator For IDA Pro

March 27, 2025

In "Cyber security"

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

April 1, 2025

In "Exploitation Tools"

R K

Next Fnord : Pattern Extractor for Obfuscated Code »

Previous « BeeBug : A tool for checking Exploitability

Share

Published by

R K

7 years ago

Recent Posts

Tutorials

Best OSINT Tools for Journalists 2026: Verify Sources, Images and Claims

Journalists use OSINT to verify public information before publishing. In 2026, misinformation, AI-generated images, fake…

9 hours ago

How To

Install Docker on Ubuntu 20.04: Complete Step-by-Step Guide

Docker is an open-source platform that lets you package and run applications inside containers. Each container…

20 hours ago

How To

Install PostgreSQL on Ubuntu: Database Setup and Admin Guide

PostgreSQL (often called Postgres) is an open-source relational database system. It supports advanced features like JSON…

21 hours ago

How To

Install Xrdp Remote Desktop on Ubuntu: Setup and Connect

Xrdp is an open-source server that lets you connect to your Ubuntu machine from another computer…

21 hours ago

How To

Tomcat 9 on Ubuntu 20.04: Install, Configure, and Start

Apache Tomcat is an open-source web server and Java servlet container. It is one of the…

21 hours ago

How To

Automatic Updates on Ubuntu: Set Up unattended-upgrades

Keeping your Ubuntu system updated is one of the best ways to protect it. Security…

22 hours ago

L