Overview

Supported formats

How to build

Version history
GUI

Command line

XML project
All rules

PE001

PE002

PE003

PE004

PE005

PE006

PE007

PE008

PE009

PE010

PE011

PE012

PE013

PE014

PE015

PE016

PE017

PE018

PE019

PE020

PE021

PE022

PE023

PE024

PE025

PE026

PE027

PE028

PE029

PE030

PE031

PE032

PE033

PE034

PE035

PE036

PE037

PE038

PE039

PE040

PE041

PE042

PE043

PE044

PE045

PE046

PE047

PE048

PE049

PE050

PE051

PE052

PE053

PE054

PE055

PE056

PE057

PE058

PE059

PE060

PE061

PE062

PE063

PE064

PE065

PE066

PE067

PE068

PE069

PE070

PE071

PE072

PE073

PE074

PE075

PE076

PE077

PE078

PE079

PE080

PE081

PE082

PE083

PE084

PE085

PE086

PE087

PE088

PE089

PE090

PE091

PE092

PE093

PE094

PE095

PE096

PE097

PE098

PE099

PE100

PE101

PE102

PE103

PE104

PE105

PE106

PE107

PE108

PE109

PE110

PE111

PE112

PE113

PE114

PE115

PE116

PE117

PE118

PE119

PE120

PE121

PE122

PE123

PE124

PE125

PE126

PE127

PE128

PE129

PE130

PE131

PE132

PE133

PE134

PE135

PE136

PE137

PE138

PE139

PE140

PE141

PE142

PE143

PE144

PE145

PE146

PE147

PE148

PE149

PE150

PE151

PE152

PE153

PE154

PE155

PE156

PE157

PE158

PE159

PE160

PE161

PE162

PE163

PE164

PE165

PE166

PE167

PE168

PE169

PE170

PE171

PE172

PE173

PE174

PE175

PE176

PE177

PE178

PE179

PE180

PE181

PE182

PE183

PE184

PE185

PE186

PE187

PE188

PE189

PE190
All rules

EXE001

EXE002

Overview

Binary Valentine is the free and open-source executable files static analyzer. It detects a range of various issues, which are usually out of reach of other tools (such as static code analysis).

When developing desktop software, compilers and static code analysis tools only warn about issues with the code. However, when built into a binary, compiled code is surrounded by various structures which tell the operating system how to run the executable file. They also contain a lot of auxiliary information, such as version descriptions or digital signatures. These extra structures are not normally analyzed by any tools. Alas, this does not mean they can not contain any errors or security issues! And in fact, they often do. To reveal these issues and to get guidance on how to fix them, you can use tools like Binary Valentine.

Main features

Finds bugs, misconfigurations, format and security issues related to the executable format and not the code it contains. Suggests security hardening and execution optimization techniques.
Supports flexible project configuration (file path, rule filters), which can be supplied as a separate file (see XML project) or in the command line (see Command line).
Supports several report formats (terminal output, plain text, SARIF, HTML).
Supports both single executable rules and combined (cross-executable) rules.
Easy to include in the SSDLC (Secure Software Development Lifecycle).
Provides a fluent graphical user interface (GUI), which allows to analyze executable files in real time, as well as create, load and save projects without manual XML modifications.
Multithreaded and fast. With the fast SSD drive, scans the whole Windows 10 System32 folder in 10-20 seconds.

Flexible project configuration

An XML project file can be supplied to Binary Valentine, which would scan the project according to selected rules and filters. Binary Valentine provides an intuitive GUI to create and edit projects files.

In addition to project-based execution, Binary Valentine can be invoked by supplying all parameters to its Command line.

Industry standard output formats

Binary Valentine supports several output formats to ease integration with other systems. In addition to terminal, plain text, and HTML reports, it supports the Static Analysis Results Interchange Format (SARIF) 2.1.0, which is the industry standard format for the output of static analysis tools.

Graphical user interface

Binary Valentine provides a fluent user interface (GUI) created with Qt libraries, which allows to analyze executable files in real time. It is also a project editor, allowing to create, edit, save and load projects without manual XML modifications.

Cross-platform

Binary Valentine can be built for a range of platforms with a set of C++20 compilers:

Windows 10/11, MSVC 2022 (Visual Studio solution and CMake build are provided)
Linux, GCC 13.0 (CMake build)
Linux, Clang 16 (CMake build)

Windows 10/11 and modern Linux (kernel version 5.1 or newer with io_uring enabled) are supported as of today.

Overview#

Main features#

Flexible project configuration#

Industry standard output formats#

Graphical user interface#