bincapz

Features

- Analyzes binaries from any architecture: arm64, amd64, riscv, ppc64, sparc64
- Supports scripting languages such as bash, PHP, Perl, Ruby, NodeJS, and Python
- Integrates YARA Forge for rules by Avast, Elastic, FireEye, Google, Nextron, and others
- 12,000+ rules that detect everything from ioctls to malware
- Tuned for especially excellent performance with Linux programs
- Diff-friendly output in Markdown, JSON, and YAML
- CI/CD friendly

Shortcomings

- Does not attempt to process archive files (jar, zip, apk)
- Minimal rule support for Windows and Java (help wanted!)
- Early in development; output is subject to change

Installation

dagger install github.com/denhamparry/daggerverse/bincapz@6b2dee51df33b67685806d7052b740c0f990898f

Entrypoint

Return Type
Bincapz
Example

Go
func (m *myModule) example() *Bincapz {
	return dag.
		Bincapz()
}

Python
@function
def example() -> dag.Bincapz:
	return (
		dag.bincapz()
	)

TypeScript
@func()
example(): Bincapz {
	return dag
		.bincapz()
}

Types

Bincapz

inspectBinary()

To inspect a binary, pass it as an argument to dump a list of predicted capabilities.

Return Type
String !
Arguments
Name    Type    Default Value  Description
binary  File !  -              No description provided
Example

Shell
dagger -m github.com/denhamparry/daggerverse/bincapz@6b2dee51df33b67685806d7052b740c0f990898f call \
 inspect-binary --binary file:path

Go
func (m *myModule) example(ctx context.Context, binary *File) string {
	return dag.
		Bincapz().
		InspectBinary(ctx, binary)
}

Python
@function
async def example(binary: dagger.File) -> str:
	return await (
		dag.bincapz()
		.inspect_binary(binary)
	)

TypeScript
@func()
async example(binary: File): Promise<string> {
	return dag
		.bincapz()
		.inspectBinary(binary)
}

diff()

Make sure an update doesn't introduce unexpected capability changes.

Return Type
String !
Arguments
Name       Type    Default Value  Description
oldBinary  File !  -              No description provided
newBinary  File !  -              No description provided
Example

Shell
dagger -m github.com/denhamparry/daggerverse/bincapz@6b2dee51df33b67685806d7052b740c0f990898f call \
 diff --old-binary file:path --new-binary file:path

Go
func (m *myModule) example(ctx context.Context, oldBinary *File, newBinary *File) string {
	return dag.
		Bincapz().
		Diff(ctx, oldBinary, newBinary)
}

Python
@function
async def example(old_binary: dagger.File, new_binary: dagger.File) -> str:
	return await (
		dag.bincapz()
		.diff(old_binary, new_binary)
	)

TypeScript
@func()
async example(oldBinary: File, newBinary: File): Promise<string> {
	return dag
		.bincapz()
		.diff(oldBinary, newBinary)
}