Free and open-source static analyzer for executable files, with a UI. 190+ rules for Windows executables (including Electron apps). ELF support is coming next!
Finds configuration bugs and security issues related to the executable format and not the code it contains. Provides guidance to harden security and optimize execution.
Supports flexible project configuration as a separate file or on the command line. Provides adjustable rule, warning level/category, and file path filters, as well as output and execution options.
Generates reports in the industry-standard SARIF format. Supports plain text and HTML reports.
Supports both single-executable and cross-executable rules, which make it possible to detect even more issues across a whole multi-executable project.
Being an executable with no dependencies, it can be easily plugged into the Secure Software Development Lifecycle. Cross-platform, can be built for Windows and Linux systems.
Multithreaded and extremely fast. Can analyze hundreds of executables per second (with an SSD).
Provides a fully featured graphical user interface, which lets you analyze executable files in real time! It is also a project editor that lets you create, edit, save and load projects without manually writing XML.