What is Binary Analysis (BinaryAnalysis-MCP)?

Binary Analysis is an MCP (Model Context Protocol) server designed for static analysis of PE, ELF, and Mach-O binary files. It leverages the LIEF library to extract detailed structural and security-related information.

What are the primary use cases for this tool?

It's ideal for quick binary triage, security assessments, and reverse engineering. Users can rapidly extract comprehensive details like headers, sections, imports, exports, and security flags, aiding in vulnerability identification and understanding binary behavior.

Which binary formats can Binary Analysis analyze?

The tool supports automated detection and analysis of major binary formats including PE (Portable Executable for Windows), ELF (Executable and Linkable Format for Linux/Unix), and Mach-O (Mach-O for macOS/iOS).

What kind of security-related information does it provide?

Binary Analysis assesses crucial security hardening features within binaries, such as ASLR (Address Space Layout Randomization), DEP/NX (Data Execution Prevention/No-Execute), SEH (Structured Exception Handling), CFG (Control Flow Guard), RELRO, stack canaries, and code signing status.

Binary Analysis: PE, ELF, Mach-O Security & Structure

소개

Binary Analysis provides a powerful Model Context Protocol (MCP) server for static analysis of executable files across various platforms. It automatically detects the file format (PE, ELF, or Mach-O) and offers a suite of tools to extract critical insights. From quick triage information like architecture and entry points to comprehensive dumps of headers, sections, imports, exports, and security hardening features, this server helps developers and security researchers quickly understand the characteristics and potential vulnerabilities of binary executables without deep manual inspection. It integrates seamlessly with MCP clients like Claude Desktop or Claude Code, offering a natural language interface to its analytical capabilities.

주요 기능

List all sections with properties like name, size, virtual address, entropy, and permissions.
0 GitHub stars
Automated detection and analysis of PE, ELF, and Mach-O binary formats.
Assess security hardening features such as ASLR, DEP/NX, SEH, CFG, RELRO, stack canaries, and code signing.
Extract comprehensive binary information including format, architecture, entry point, section counts, and flags.
Detailed header dumps for PE (DOS/COFF/Optional), ELF, and Mach-O.

사용 사례

Performing quick static triage of suspicious executable files for malware analysis.
Extracting header, section, import, and export information for reverse engineering tasks.
Assessing the security hardening features implemented in a binary.

소개

주요 기능

List all sections with properties like name, size, virtual address, entropy, and permissions.
0 GitHub stars
Automated detection and analysis of PE, ELF, and Mach-O binary formats.
Assess security hardening features such as ASLR, DEP/NX, SEH, CFG, RELRO, stack canaries, and code signing.
Extract comprehensive binary information including format, architecture, entry point, section counts, and flags.
Detailed header dumps for PE (DOS/COFF/Optional), ELF, and Mach-O.

사용 사례

Performing quick static triage of suspicious executable files for malware analysis.
Extracting header, section, import, and export information for reverse engineering tasks.
Assessing the security hardening features implemented in a binary.